|
313581
|
6.5 |
MEDIUM
Network
|
m-files
|
m-files_server
|
A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files
|
CWE-22
Path Traversal
|
CVE-2024-6789
|
2024-09-16 16:15 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313582
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix a deadlock problem when config TC during resetting
When config TC during the reset process, may cause a deadlock, …
|
CWE-667
Improper Locking
|
CVE-2024-44995
|
2024-09-16 03:15 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313583
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()
[BUG]
There is an internal report that KASAN is repor…
|
CWE-415
CWE-416
Double Free
Use After Free
|
CVE-2024-46687
|
2024-09-15 01:17 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313584
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()
This happens when called from SMB2_read() while using rdma
and …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46686
|
2024-09-15 01:16 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313585
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: single: fix potential NULL dereference in pcs_get_function()
pinmux_generic_get_function() can return NULL and the point…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46685
|
2024-09-15 01:00 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313586
|
9.8 |
CRITICAL
Network
|
code-projects
|
crud_operation_system
|
A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatedata.php. The manipulation of the argument si…
|
CWE-89
SQL Injection
|
CVE-2024-8762
|
2024-09-15 00:54 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313587
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to …
|
NVD-CWE-noinfo
|
CVE-2024-8754
|
2024-09-15 00:40 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313588
|
7.2 |
HIGH
Network
|
-
|
-
|
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input …
|
-
|
CVE-2024-8281
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313589
|
7.2 |
HIGH
Network
|
-
|
-
|
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service usin…
|
-
|
CVE-2024-8280
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313590
|
7.2 |
HIGH
Network
|
-
|
-
|
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
|
-
|
CVE-2024-8279
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
