|
314071
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not start relocation until in progress drops are done
We hit a bug with a recovering relocation on mount for one of our…
|
NVD-CWE-noinfo
|
CVE-2022-48901
|
2024-09-12 23:05 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314072
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not WARN_ON() if we have PageError set
Whenever we do any extent buffer operations we call
assert_eb_page_uptodate() to…
|
NVD-CWE-noinfo
|
CVE-2022-48902
|
2024-09-12 23:01 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314073
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()
We are seeing crashes similar to the followin…
|
NVD-CWE-noinfo
|
CVE-2022-48903
|
2024-09-12 22:58 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314074
|
9.8 |
CRITICAL
Network
|
sap
|
business_objects_business_intelligence_platform
|
In SAP BusinessObjects Business Intelligence
Platform, if Single Signed On is enabled on Enterprise authentication, an
unauthorized user can get a logon token using a REST endpoint. The attacker can
…
|
CWE-862
Missing Authorization
|
CVE-2024-41730
|
2024-09-12 22:56 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314075
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Fix I/O page table memory leak
The current logic updates the I/O page table mode for the domain
before calling the log…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48904
|
2024-09-12 22:55 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314076
|
5.3 |
MEDIUM
Network
|
sap
|
commerce
|
In SAP Commerce, valid user accounts can be
identified during the customer registration and login processes. This allows a
potential attacker to learn if a given e-mail is used for an account, but do…
|
NVD-CWE-noinfo
|
CVE-2024-41733
|
2024-09-12 22:55 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314077
|
4.9 |
MEDIUM
Network
|
continew
|
admin
|
A vulnerability classified as critical was found in ContiNew Admin 3.2.0. Affected by this vulnerability is the function top.continew.starter.extension.crud.controller.BaseController#tree of the file…
|
CWE-89
SQL Injection
|
CVE-2024-8155
|
2024-09-12 22:53 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314078
|
5.4 |
MEDIUM
Network
|
sap
|
commerce_backoffice
|
SAP Commerce Backoffice does not sufficiently
encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)
vulnerability causing low impact on confidentiality and integrity of the
applicati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41735
|
2024-09-12 22:53 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314079
|
4.3 |
MEDIUM
Network
|
sap
|
permit_to_work
|
Under certain conditions SAP Permit to Work
allows an authenticated attacker to access information which would otherwise be
restricted causing low impact on the confidentiality of the application.
|
NVD-CWE-noinfo
|
CVE-2024-41736
|
2024-09-12 22:51 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314080
|
5.0 |
MEDIUM
Network
|
sap
|
crm_abap_insights_management
|
SAP CRM ABAP (Insights
Management) allows an authenticated attacker to enumerate HTTP endpoints in the
internal network by specially crafting HTTP requests. On successful
exploitation this can result…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-41737
|
2024-09-12 22:49 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
