Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-07 | CVE-2024-10966 | Unspecified vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. | 8.8 |
| 2024-11-07 | CVE-2024-10967 | SQL Injection vulnerability in Anisha E-Health Care System 1.0 A vulnerability was found in code-projects E-Health Care System 1.0. | 7.5 |
| 2024-11-07 | CVE-2024-10964 | Classic Buffer Overflow vulnerability in Emqx Neuron A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. | 9.8 |
| 2024-11-07 | CVE-2024-10965 | Unspecified vulnerability in Emqx Neuron A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. | 6.5 |
| 2024-11-07 | CVE-2024-10963 | A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. | 7.4 |
| 2024-11-07 | CVE-2024-8442 | The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Blog widget in all versions up to, and including, 3.15.18 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |
| 2024-11-07 | CVE-2023-1973 | A flaw was found in Undertow package. network low complexity | 7.5 |
| 2024-11-07 | CVE-2024-50139 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14 shift exponent 33 is too large for 32-bit type 'int' CPU: 26 UID: 0 PID: 7629 Comm: qemu-kvm Not tainted 6.12.0-rc2 #34 Hardware name: IEI NF5280R7/Mitchell MB, BIOS 00.00. | 5.5 |
| 2024-11-07 | CVE-2024-50140 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe [ 63.696416] preempt_count: 10001, expected: 0 [ 63.696416] RCU nest depth: 1, expected: 1 This problem is caused by the following call trace. sched_tick() [ acquire rq->__lock ] -> task_tick_mm_cid() -> task_work_add() -> __kasan_record_aux_stack() -> kasan_save_stack() -> stack_depot_save_flags() -> alloc_pages_mpol_noprof() -> __alloc_pages_noprof() -> get_page_from_freelist() -> rmqueue() -> rmqueue_pcplist() -> __rmqueue_pcplist() -> rmqueue_bulk() -> rt_spin_lock() The rq lock is a raw_spinlock_t. | 5.5 |
| 2024-11-07 | CVE-2024-50141 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type EFI_CONVENTIONAL_MEMORY, which is not appropriate for runtime services as described in Section 2.2.2 (Runtime Services) of the UEFI Specification [1]. | 5.5 |