|
306441
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
Sometimes during hotplug scenario or suspend/resume scenario encode…
|
NVD-CWE-noinfo
|
CVE-2024-53051
|
2024-11-21 01:16 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306442
|
4.3 |
MEDIUM
Network
|
themeum
|
tutor_lms_elementor_addons
|
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_etlms_dependency_plugin() function in all versio…
|
CWE-862
Missing Authorization
|
CVE-2024-10897
|
2024-11-21 01:09 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306443
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Fix a race during cpuhp processing
There is another found exception that the "timerlat/1" thread was
scheduled …
|
CWE-362
Race Condition
|
CVE-2024-49866
|
2024-11-21 00:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306444
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
eventfs: Use list_del_rcu() for SRCU protected list variable
Chi Zhiling reported:
We found a null pointer accessing in tracef…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46785
|
2024-11-21 00:51 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306445
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tcp_bpf: fix return value of tcp_bpf_sendmsg()
When we cork messages in psock->cork, the last message triggers the
flushing will …
|
NVD-CWE-noinfo
|
CVE-2024-46783
|
2024-11-21 00:47 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306446
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Don't free job in TDR
Freeing job in TDR is not safe as TDR can pass the run_job thread
resulting in UAF. It is only safe…
|
CWE-416
Use After Free
|
CVE-2024-50149
|
2024-11-21 00:45 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306447
|
7.5 |
HIGH
Network
|
anisha
|
job_recruitment
|
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file reset.php. The manipulation of…
|
CWE-89
SQL Injection
|
CVE-2024-11241
|
2024-11-21 00:41 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306448
|
7.5 |
HIGH
Network
|
crmeb
|
crmeb
|
CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can bypass the front-end restriction of only being able to claim coupons once by capturing packets and sending a large number of data pa…
|
NVD-CWE-noinfo
|
CVE-2024-50653
|
2024-11-21 00:36 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306449
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: fix checks for huge PMDs
Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2.
The pmd_trans_hug…
|
NVD-CWE-noinfo
|
CVE-2024-46787
|
2024-11-21 00:33 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306450
|
8.8 |
HIGH
Network
|
glpi-project
|
glpi
|
GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take …
|
CWE-89
SQL Injection
|
CVE-2024-40638
|
2024-11-21 00:30 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
