Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-21 | CVE-2024-50000 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field. Found by Linux Verification Center (linuxtesting.org) with SVACE. | 5.5 |
| 2024-10-21 | CVE-2024-50001 | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. | 5.5 |
| 2024-10-21 | CVE-2024-50002 | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. | 5.5 |
| 2024-10-21 | CVE-2024-40746 | Cross-site Scripting vulnerability in Hikashop A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the `description` parameter of any product. | 5.4 |
| 2024-10-21 | CVE-2024-49366 | Path Traversal vulnerability in Nginxui Nginx UI Nginx UI is a web user interface for the Nginx web server. | 7.5 |
| 2024-10-21 | CVE-2024-49367 | Missing Authorization vulnerability in Nginxui Nginx UI Nginx UI is a web user interface for the Nginx web server. | 7.5 |
| 2024-10-21 | CVE-2024-49368 | Unspecified vulnerability in Nginxui Nginx UI Nginx UI is a web user interface for the Nginx web server. | 9.8 |
| 2024-10-21 | CVE-2024-45309 | Path Traversal vulnerability in Onedev Project Onedev OneDev is a Git server with CI/CD, kanban, and packages. | 7.5 |
| 2024-10-21 | CVE-2024-8305 | Unspecified vulnerability in Mongodb prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. | 6.5 |
| 2024-10-21 | CVE-2023-52917 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() The debugfs_create_dir() function returns error pointers. It never returns NULL. | 5.5 |