Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-30 CVE-2024-42227 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dml_core_mode_programming [WHY] &mode_lib->mp.Watermark and &locals->Watermark are the same address.
local
high complexity
linux
4.7
2024-07-30 CVE-2024-42229 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed.
local
high complexity
linux
4.1
2024-07-30 CVE-2024-42230 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down.
local
low complexity
linux
4.4
2024-07-30 CVE-2024-42231 Incorrect Calculation vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix calc_available_free_space() for zoned mode calc_available_free_space() returns the total size of metadata (or system) block groups, which can be allocated from unallocated disk space.
local
low complexity
linux CWE-682
5.5
2024-07-30 CVE-2024-7100
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_button shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user-supplied attributes.
network
low complexity
6.4
2024-07-30 CVE-2024-3986 Cross-site Scripting vulnerability in Themeboy Sportspress
The SportsPress WordPress plugin before 2.7.22 does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup).
network
low complexity
themeboy CWE-79
4.8
2024-07-30 CVE-2024-7218 Cross-site Scripting vulnerability in Oretnom23 School LOG Management System 1.0
A vulnerability was found in SourceCodester School Log Management System 1.0.
network
low complexity
oretnom23 CWE-79
6.1
2024-07-30 CVE-2024-7216 Use of Hard-coded Password vulnerability in Totolink Lr1200 Firmware 9.3.1Cu.2832
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832.
network
high complexity
totolink CWE-259
5.3
2024-07-29 CVE-2024-27809 Unspecified vulnerability in Apple Macos
A privacy issue was addressed with improved private data redaction for log entries.
local
low complexity
apple
5.5
2024-07-29 CVE-2024-27823 Race Condition vulnerability in Apple products
A race condition was addressed with improved locking.
network
high complexity
apple CWE-362
5.9