|
310181
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf, lsm: Add check for BPF LSM return value
A bpf prog returning a positive number attached to file_alloc_security
hook makes ke…
|
NVD-CWE-noinfo
|
CVE-2024-47703
|
2024-10-24 22:33 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310182
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
syzbot reported a kernel crash due to
commit 1f1e86…
|
NVD-CWE-noinfo
|
CVE-2024-47702
|
2024-10-24 22:30 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310183
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: check discard support for conventional zones
As the helper function f2fs_bdev_support_discard() shows, f2fs checks if
the t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47680
|
2024-10-24 22:28 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310184
|
4.9 |
MEDIUM
Network
|
teamplus
|
team\+_pro
|
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root dir…
|
NVD-CWE-Other
|
CVE-2024-9923
|
2024-10-24 22:24 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310185
|
7.5 |
HIGH
Network
|
teamplus
|
team\+_pro
|
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
|
NVD-CWE-Other
|
CVE-2024-9922
|
2024-10-24 22:21 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310186
|
9.8 |
CRITICAL
Network
|
teamplus
|
team\+_pro
|
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database c…
|
CWE-89
SQL Injection
|
CVE-2024-9921
|
2024-10-24 22:19 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310187
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10286
|
2024-10-24 13:08 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310188
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10289
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310189
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10288
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310190
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10287
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
