Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-17 CVE-2024-42315 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set. When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set.
local
low complexity
linux CWE-667
5.5
2024-08-17 CVE-2024-42316 Divide By Zero vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level(). evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rotate_reclaimable() cannot handle those folios due to the isolation. The second pass tries to avoid potential double counting by deducting scan_control->nr_scanned.
local
low complexity
linux CWE-369
5.5
2024-08-17 CVE-2024-42320 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store(). dasd_add_busid() can return an error via ERR_PTR() if an allocation fails.
local
low complexity
linux CWE-476
5.5
2024-08-17 CVE-2022-4532 The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.
network
low complexity
6.5
2024-08-17 CVE-2023-1604 The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8.
network
low complexity
4.7
2024-08-17 CVE-2023-4024 Missing Authorization vulnerability in Softlabbd Radio Player
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73.
network
low complexity
softlabbd CWE-862
5.3
2024-08-17 CVE-2023-4025 Missing Authorization vulnerability in Softlabbd Radio Player
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73.
network
low complexity
softlabbd CWE-862
5.3
2024-08-17 CVE-2023-4027 Missing Authorization vulnerability in Softlabbd Radio Player
The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73.
network
low complexity
softlabbd CWE-862
5.3
2024-08-17 CVE-2023-4507 The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.
network
low complexity
6.1
2024-08-17 CVE-2023-4604 The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping.
network
low complexity
6.1