|
306561
|
6.1 |
MEDIUM
Network
|
veritas
|
data_insight
|
An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2024-47854
|
2024-11-14 00:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306562
|
6.5 |
MEDIUM
Adjacent
|
zephyrproject
|
zephyr
|
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-6444
|
2024-11-14 00:24 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306563
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: core: Fix null-ptr-deref in target_alloc_device()
There is a null-ptr-deref issue reported by KASAN:
BUG: KASAN: n…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50153
|
2024-11-14 00:23 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306564
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ACPI: PAD: fix crash in exit_round_robin()
The kernel occasionally crashes in cpumask_clear_cpu(), which is called
within exit_ro…
|
NVD-CWE-noinfo
|
CVE-2024-49935
|
2024-11-14 00:21 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306565
|
4.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name
It's observed that a crash occurs during hot-remove a memor…
|
NVD-CWE-noinfo
|
CVE-2024-49934
|
2024-11-14 00:18 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306566
|
5.3 |
MEDIUM
Network
|
iowacomputergurus
|
aspnetcore.utilities.cloudstorage
|
ICG.AspNetCore.Utilities.CloudStorage is a collection of cloud storage utilities to assist with the management of files for cloud upload. Users of this library that set a duration for a SAS Uri with …
|
NVD-CWE-noinfo
|
CVE-2024-50353
|
2024-11-14 00:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306567
|
7.5 |
HIGH
Network
|
idurarapp
|
idurar
|
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is acc…
|
CWE-22
CWE-23
Path Traversal
Relative Path Traversal
|
CVE-2024-47769
|
2024-11-14 00:12 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306568
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
blk_iocost: fix more out of bound shifts
Recently running UBSAN caught few out of bound shifts in the
ioc_forgive_debts() functio…
|
NVD-CWE-noinfo
|
CVE-2024-49933
|
2024-11-14 00:09 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306569
|
9.8 |
CRITICAL
Network
|
yarpp
|
yet_another_related_posts_plugin
|
Access Control vulnerability in YARPP YARPP allows .
This issue affects YARPP: from n/a through 5.30.10.
|
CWE-862
Missing Authorization
|
CVE-2024-43919
|
2024-11-14 00:02 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306570
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't readahead the relocation inode on RST
On relocation we're doing readahead on the relocation inode, but if the
filesy…
|
CWE-617
Reachable Assertion
|
CVE-2024-49932
|
2024-11-14 00:01 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
