|
306541
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module <= v0.11.1 (> 0.9.0) allows an authenticated admin user to manipul…
|
CWE-89
SQL Injection
|
CVE-2024-43415
|
2024-11-14 02:01 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306542
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()
modprobe drm_hdmi_state_helper_test and then rmmod it, the f…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50213
|
2024-11-14 02:01 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306543
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()
The step variable is initialized to zero. It is changed …
|
CWE-369
Divide By Zero
|
CVE-2024-50205
|
2024-11-14 02:00 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306544
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
unicode: Don't special case ignorable code points
We don't need to handle them separately. Instead, just let them
decompose/casef…
|
NVD-CWE-noinfo
|
CVE-2024-50089
|
2024-11-14 01:59 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306545
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init
The loop responsible for allocating up to MTK_FQ_DMA_LENGTH …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50206
|
2024-11-14 01:56 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306546
|
7.2 |
HIGH
Network
|
dell
|
enterprise_sonic_distribution
|
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker w…
|
CWE-78
OS Command
|
CVE-2024-45763
|
2024-11-14 01:52 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306547
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: bcmasp: fix potential memory leak in bcmasp_xmit()
The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb
in case of map…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50170
|
2024-11-14 01:44 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306548
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Check the remaining info_cnt before repeating btf fields
When trying to repeat the btf fields for array of nested struct, it…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-50161
|
2024-11-14 01:36 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306549
|
- |
|
-
|
-
|
An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component.
|
-
|
CVE-2024-51055
|
2024-11-14 01:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306550
|
- |
|
-
|
-
|
An incorrect access control issue in HomeServe Home Repair' android app - 3.3.4 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function.
|
-
|
CVE-2024-40240
|
2024-11-14 01:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
