|
315271
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cgroup/cpuset: Prevent UAF in proc_cpuset_show()
An UAF can happen when /proc/cpuset is read as reported in [1].
This can be rep…
|
CWE-416
Use After Free
|
CVE-2024-43853
|
2024-09-4 21:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315272
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix extent map use-after-free when adding pages to compressed bio
At add_ra_bio_pages() we are accessing the extent map to…
|
CWE-416
Use After Free
|
CVE-2024-42314
|
2024-09-4 21:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315273
|
9.8 |
CRITICAL
Network
|
easytest
|
easytest_online_test_platform
|
SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.
|
CWE-89
SQL Injection
|
CVE-2024-43772
|
2024-09-4 21:11 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315274
|
4.3 |
MEDIUM
Network
|
majeedraza
|
carousel_slider
|
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Sl…
|
CWE-352
Origin Validation Error
|
CVE-2024-45270
|
2024-09-4 20:51 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315275
|
4.3 |
MEDIUM
Network
|
majeedraza
|
carousel_slider
|
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carouse…
|
CWE-352
Origin Validation Error
|
CVE-2024-45269
|
2024-09-4 20:49 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315276
|
4.7 |
MEDIUM
Network
|
code-projects
|
pharmacy_management_system
|
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the compone…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8366
|
2024-09-4 20:26 |
2024-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315277
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2024-7821
|
2024-09-4 19:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315278
|
- |
|
-
|
-
|
YugabyteDB v2.21.1.0 was discovered to contain a buffer overflow via the "insert into" parameter.
|
-
|
CVE-2024-41435
|
2024-09-4 06:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315279
|
7.8 |
HIGH
Local
|
automationanywhere
|
automation_360
|
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arg…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-41226
|
2024-09-4 06:15 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315280
|
9.8 |
CRITICAL
Network
|
project_expense_monitoring_system_project
|
project_expense_monitoring_system
|
A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the …
|
CWE-89
SQL Injection
|
CVE-2024-7937
|
2024-09-4 05:43 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
