|
312441
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Check if more than chunk-size bytes are written
A incorrectly formatted chunk may decompress into
more than LZNT_CHUNK_…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50247
|
2024-11-14 02:58 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312442
|
7.2 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the arg…
|
CWE-77
Command Injection
|
CVE-2024-10429
|
2024-11-14 02:58 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312443
|
7.2 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation …
|
CWE-77
Command Injection
|
CVE-2024-10428
|
2024-11-14 02:57 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312444
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-47803
|
2024-11-14 02:45 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312445
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Add rough attr alloc_size check
|
NVD-CWE-noinfo
|
CVE-2024-50246
|
2024-11-14 02:38 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312446
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvmet-auth: assign dh_key to NULL after kfree_sensitive
ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()…
|
CWE-415
Double Free
|
CVE-2024-50215
|
2024-11-14 02:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312447
|
7.5 |
HIGH
Network
|
jenkins
|
credentials
|
Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `confi…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-47805
|
2024-11-14 02:32 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312448
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix possible deadlock in mi_read
Mutex lock with another subclass used in ni_lock_dir().
|
NVD-CWE-noinfo
|
CVE-2024-50245
|
2024-11-14 02:29 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312449
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Additional check in ni_clear()
Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to
uninitialized bitmap dur…
|
NVD-CWE-noinfo
|
CVE-2024-50244
|
2024-11-14 02:28 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312450
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of …
|
NVD-CWE-noinfo
|
CVE-2024-47804
|
2024-11-14 02:28 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
