|
315021
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm: list_lru: fix UAF for memory cgroup
The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or
cgroup_mutex or…
|
CWE-416
Use After Free
|
CVE-2024-43888
|
2024-08-27 23:37 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315022
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check in resource_log_pipe_topology_update
[WHY]
When switching from "Extend" to "Second Display Only" …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43886
|
2024-08-27 23:37 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315023
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
|
CWE-89
SQL Injection
|
CVE-2024-5586
|
2024-08-27 23:37 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315024
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
|
CWE-89
SQL Injection
|
CVE-2024-5556
|
2024-08-27 23:36 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315025
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
|
CWE-89
SQL Injection
|
CVE-2024-5490
|
2024-08-27 23:36 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315026
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the…
|
-
|
CVE-2024-42816
|
2024-08-27 23:35 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315027
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_servicedesk_plus_msp
manageengine_servicedesk_plus
manageengine_supportcenter_plus
|
An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41150
|
2024-08-27 23:35 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315028
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
|
CWE-89
SQL Injection
|
CVE-2024-5467
|
2024-08-27 23:35 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315029
|
6.1 |
MEDIUM
Network
|
blood_bank_system_project
|
blood_bank_system
|
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8174
|
2024-08-27 23:32 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315030
|
9.8 |
CRITICAL
Network
|
tenda
|
ax1806_firmware
|
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44557
|
2024-08-27 23:30 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
