Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-05 | CVE-2024-39482 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set. | 5.5 |
| 2024-07-05 | CVE-2024-39483 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. | 5.5 |
| 2024-07-05 | CVE-2024-39484 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y. | 5.5 |
| 2024-07-05 | CVE-2024-39485 | Improper Initialization vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifier_entry of a notifier is not re-initialised after unregistering the notifier. | 5.5 |
| 2024-07-05 | CVE-2024-32498 | Unspecified vulnerability in Openstack Nova An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. | 6.5 |
| 2024-07-05 | CVE-2024-34481 | Cross-site Scripting vulnerability in Kontextwork Drupal Wiki 8.30/8.31 drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, captions, and image titles of a Wiki page. | 6.1 |
| 2024-07-04 | CVE-2024-39936 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in QT An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. | 5.9 |
| 2024-07-04 | CVE-2024-37471 | Cross-site Scripting vulnerability in Xtendify Woffice Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice Core allows Reflected XSS.This issue affects Woffice Core: from n/a through 5.4.8. | 6.1 |
| 2024-07-04 | CVE-2024-37472 | Cross-site Scripting vulnerability in Xtendify Woffice Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice allows Reflected XSS.This issue affects Woffice: from n/a through 5.4.8. | 6.1 |
| 2024-07-04 | CVE-2024-37474 | Cross-site Scripting vulnerability in Automattic Newspack ADS Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1. | 5.4 |