Weekly Vulnerabilities Reports > July 15 to 21, 2024
Overview
408 new vulnerabilities reported during this period, including 58 critical vulnerabilities and 106 high severity vulnerabilities. This weekly summary report vulnerabilities in 204 products from 132 vendors including Linux, Oracle, Apache, Google, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Use After Free", "Path Traversal", and "Out-of-bounds Write".
- 330 reported vulnerabilities are remotely exploitables.
- 156 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 156 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 64 reported vulnerabilities.
- Solarwinds has the most reported critical vulnerabilities, with 12 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
58 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-07-18 | CVE-2024-5618 | Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Apinizer Management Console: before 2024.05.1. | 9.9 | |
2024-07-21 | CVE-2024-6957 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez University Management System 1.0 A vulnerability classified as critical has been found in itsourcecode University Management System 1.0. | 9.8 |
2024-07-21 | CVE-2024-6953 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. | 9.8 |
2024-07-21 | CVE-2024-6951 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Simple Online Book Store System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. | 9.8 |
2024-07-21 | CVE-2024-6948 | Gargaj | Unrestricted Upload of File with Dangerous Type vulnerability in Gargaj Wuhu A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. | 9.8 |
2024-07-21 | CVE-2024-38437 | Dlink | Missing Authentication for Critical Function vulnerability in Dlink Dsl-225 Firmware Bz1.00.16 D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel | 9.8 |
2024-07-21 | CVE-2024-38438 | Dlink | Authentication Bypass by Capture-replay vulnerability in Dlink Dsl-225 Firmware Gem1.00.02 D-Link - CWE-294: Authentication Bypass by Capture-replay | 9.8 |
2024-07-21 | CVE-2024-6945 | Flute CMS | Unrestricted Upload of File with Dangerous Type vulnerability in Flute-Cms Flute 0.2.2.4 A vulnerability was found in Flute CMS 0.2.2.4-alpha. | 9.8 |
2024-07-20 | CVE-2024-6636 | The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'woo_slg_login_email' function in all versions up to, and including, 2.7.3. | 9.8 | |
2024-07-19 | CVE-2024-6205 | Payplus | SQL Injection vulnerability in Payplus Payment Gateway The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability. | 9.8 |
2024-07-19 | CVE-2024-6899 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 9.8 |
2024-07-19 | CVE-2024-6898 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 9.8 |
2024-07-18 | CVE-2024-0857 | UNI YAZ | SQL Injection vulnerability in Uni-Yaz Flexwater Corporate Water Management Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. | 9.8 |
2024-07-18 | CVE-2023-40704 | Philips | Unspecified vulnerability in Philips VUE Pacs 12.2.8.0 Philips Vue PACS uses default credentials for potentially critical functionality. | 9.8 |
2024-07-18 | CVE-2024-40629 | Fit2Cloud | Path Traversal vulnerability in Fit2Cloud Jumpserver JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. | 9.8 |
2024-07-18 | CVE-2024-39907 | Fit2Cloud | SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts/1.10.9Lts 1Panel is a web-based linux server management control panel. | 9.8 |
2024-07-18 | CVE-2024-39911 | Fit2Cloud | SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts 1Panel is a web-based linux server management control panel. | 9.8 |
2024-07-18 | CVE-2024-6164 | YMC 22 | Path Traversal vulnerability in Ymc-22 Filter & Grids The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. | 9.8 |
2024-07-17 | CVE-2024-23465 | Solarwinds | Improper Authentication vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23466 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23467 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23469 | Solarwinds | Improper Input Validation vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23470 | Solarwinds | Improper Authentication vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23471 | Solarwinds | Improper Authentication vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23474 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. | 9.8 |
2024-07-17 | CVE-2024-23475 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. | 9.8 |
2024-07-17 | CVE-2024-28074 | Solarwinds | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. | 9.8 |
2024-07-17 | CVE-2024-5471 | Zohocorp | Use of Hard-coded Credentials vulnerability in Zohocorp Manageengine DDI Central Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys. | 9.8 |
2024-07-17 | CVE-2024-36491 | Centurysys | OS Command Injection vulnerability in Centurysys products FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. | 9.8 |
2024-07-17 | CVE-2024-6220 | Keydatas | Unrestricted Upload of File with Dangerous Type vulnerability in Keydatas The ????? (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the keydatas_downloadImages function in all versions up to, and including, 2.5.2. | 9.8 |
2024-07-17 | CVE-2024-6808 | Code Projects | SQL Injection vulnerability in Code-Projects Simple Task List 1.0 A vulnerability was found in itsourcecode Simple Task List 1.0. | 9.8 |
2024-07-17 | CVE-2024-6803 | Document Management System Project | SQL Injection vulnerability in Document Management System Project Document Management System 1.0 A vulnerability has been found in itsourcecode Document Management System 1.0 and classified as critical. | 9.8 |
2024-07-17 | CVE-2024-6801 | Online Student Management System Project | Unrestricted Upload of File with Dangerous Type vulnerability in Online Student Management System Project Online Student Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Online Student Management System 1.0. | 9.8 |
2024-07-17 | CVE-2024-6802 | Computer Laboratory Management System Project | SQL Injection vulnerability in Computer Laboratory Management System Project Computer Laboratory Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-07-16 | CVE-2024-21181 | Oracle | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
2024-07-16 | CVE-2024-40129 | Open5Gs | Out-of-bounds Write vulnerability in Open5Gs 2.6.4 Open5GS v2.6.4 is vulnerable to Buffer Overflow. | 9.8 |
2024-07-16 | CVE-2024-40130 | Open5Gs | Out-of-bounds Write vulnerability in Open5Gs 2.6.4 open5gs v2.6.4 is vulnerable to Buffer Overflow. | 9.8 |
2024-07-16 | CVE-2024-40393 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Online Clinic Management System 1.0 Online Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user parameter at login.php. | 9.8 |
2024-07-16 | CVE-2024-22442 | HP | Unspecified vulnerability in HP 3Par Service Processor Firmware The vulnerability could be remotely exploited to bypass authentication. | 9.8 |
2024-07-16 | CVE-2024-33180 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Ac18 Firmware 15.03.3.10 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. | 9.8 |
2024-07-16 | CVE-2024-33182 | Tendacn | Out-of-bounds Write vulnerability in Tendacn Ac18 Firmware 15.03.3.10 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. | 9.8 |
2024-07-16 | CVE-2024-35338 | Tendacn | Use of Hard-coded Credentials vulnerability in Tendacn I29 Firmware 1.0.0.5 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. | 9.8 |
2024-07-16 | CVE-2024-6457 | The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the ‘woof_author’ parameter in all versions up to, and including, 1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 | |
2024-07-15 | CVE-2024-40415 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | 9.8 |
2024-07-15 | CVE-2024-40416 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | 9.8 |
2024-07-15 | CVE-2024-40414 | Tenda | Out-of-bounds Write vulnerability in Tenda Ax1806 Firmware 1.0.0.1 A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | 9.8 |
2024-07-15 | CVE-2024-6745 | Code Projects | SQL Injection vulnerability in Code-Projects Simple Ticket Booking 1.0 A vulnerability classified as critical has been found in code-projects Simple Ticket Booking 1.0. | 9.8 |
2024-07-15 | CVE-2024-6743 | Space Management System Project | SQL Injection vulnerability in Space Management System Project Space Management System 202404093302 AguardNet's Space Management System does not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | 9.8 |
2024-07-15 | CVE-2024-6744 | Cellopoint | Out-of-bounds Write vulnerability in Cellopoint Secure Email Gateway The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. | 9.8 |
2024-07-15 | CVE-2024-39736 | IBM | Improper Encoding or Escaping of Output vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 9.8 |
2024-07-18 | CVE-2024-5619 | Authorization Bypass Through User-Controlled Key vulnerability in PruvaSoft Informatics Apinizer Management Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apinizer Management Console: before 2024.05.1. | 9.6 | |
2024-07-16 | CVE-2019-25154 | Unspecified vulnerability in Google Chrome Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 | |
2024-07-17 | CVE-2024-23468 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. | 9.4 |
2024-07-17 | CVE-2024-28992 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. | 9.4 |
2024-07-17 | CVE-2024-28993 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. | 9.4 |
2024-07-19 | CVE-2024-29736 | Apache | Server-Side Request Forgery (SSRF) vulnerability in Apache CXF A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. | 9.1 |
2024-07-18 | CVE-2024-40628 | Fit2Cloud | Path Traversal vulnerability in Fit2Cloud Jumpserver JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. | 9.1 |
2024-07-17 | CVE-2024-31070 | Centurysys | Insecure Default Initialization of Resource vulnerability in Centurysys products Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. | 9.1 |
106 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-07-21 | CVE-2024-6958 | Angeljudesuarez | Unrestricted Upload of File with Dangerous Type vulnerability in Angeljudesuarez University Management System 1.0 A vulnerability classified as critical was found in itsourcecode University Management System 1.0. | 8.8 |
2024-07-21 | CVE-2024-6952 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez University Management System 1.0 A vulnerability has been found in itsourcecode University Management System 1.0 and classified as critical. | 8.8 |
2024-07-21 | CVE-2024-6946 | Flute CMS | Code Injection vulnerability in Flute-Cms Flute 0.2.2.4 A vulnerability was found in Flute CMS 0.2.2.4-alpha. | 8.8 |
2024-07-21 | CVE-2024-6947 | Flute CMS | Code Injection vulnerability in Flute-Cms Flute 0.2.2.4 A vulnerability was found in Flute CMS 0.2.2.4-alpha. | 8.8 |
2024-07-21 | CVE-2024-6943 | Zhongbangkeji | Deserialization of Untrusted Data vulnerability in Zhongbangkeji Crmeb A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. | 8.8 |
2024-07-20 | CVE-2024-6497 | The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. | 8.8 | |
2024-07-19 | CVE-2024-41121 | Woodpecker CI | Unspecified vulnerability in Woodpecker-Ci Woodpecker Woodpecker is a simple yet powerful CI/CD engine with great extensibility. | 8.8 |
2024-07-19 | CVE-2024-41122 | Woodpecker CI | Unspecified vulnerability in Woodpecker-Ci Woodpecker Woodpecker is a simple yet powerful CI/CD engine with great extensibility. | 8.8 |
2024-07-19 | CVE-2024-37066 | Wyze | OS Command Injection vulnerability in Wyze CAM V4 Firmware A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222, which allows attackers to execute arbitrary commands over Bluetooth as root during the camera setup process. | 8.8 |
2024-07-19 | CVE-2024-6906 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0 and classified as critical. | 8.8 |
2024-07-19 | CVE-2024-6904 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Record Management System 1.0. | 8.8 |
2024-07-19 | CVE-2024-6905 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as critical. | 8.8 |
2024-07-19 | CVE-2024-6338 | Foliovision | SQL Injection vulnerability in Foliovision FV Flowplayer Video Player The FV Flowplayer Video Player plugin for WordPress is vulnerable to time-based SQL Injection via the ‘exclude’ parameter in all versions up to, and including, 7.5.46.7212 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2024-07-19 | CVE-2024-6902 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability classified as critical was found in SourceCodester Record Management System 1.0. | 8.8 |
2024-07-19 | CVE-2024-6903 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Record Management System 1.0. | 8.8 |
2024-07-19 | CVE-2024-6900 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 8.8 |
2024-07-19 | CVE-2024-6901 | Jkev | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Record Management System 1.0. | 8.8 |
2024-07-18 | CVE-2023-40223 | Philips | Unspecified vulnerability in Philips VUE Pacs 12.2.8.0 Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an unintended sphere of control for that actor. | 8.8 |
2024-07-18 | CVE-2024-29178 | Apache | Code Injection vulnerability in Apache Streampark On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4 | 8.8 |
2024-07-18 | CVE-2024-3242 | Brizy | Unrestricted Upload of File with Dangerous Type vulnerability in Brizy Brizy-Page Builder The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. | 8.8 |
2024-07-18 | CVE-2024-29014 | Sonicwall | Code Injection vulnerability in Sonicwall Netextender Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update. | 8.8 |
2024-07-18 | CVE-2024-5726 | The Timeline Event History plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1 via deserialization of untrusted input 'timelines-data' parameter. | 8.8 | |
2024-07-17 | CVE-2024-23472 | Solarwinds | Path Traversal vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. | 8.8 |
2024-07-17 | CVE-2024-27311 | Zohocorp | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine DDI Central Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder. | 8.8 |
2024-07-17 | CVE-2024-31411 | Apache | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Streampipes Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue. | 8.8 |
2024-07-17 | CVE-2024-36475 | Centurysys | OS Command Injection vulnerability in Centurysys products FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. | 8.8 |
2024-07-17 | CVE-2024-39877 | Apache | Code Injection vulnerability in Apache Airflow Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code in the scheduler context, which should be forbidden according to the Airflow Security model. | 8.8 |
2024-07-17 | CVE-2024-6467 | Reputeinfosystems | Unspecified vulnerability in Reputeinfosystems Bookingpress The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizard_settings_func' function. | 8.8 |
2024-07-17 | CVE-2024-6660 | Reputeinfosystems | Missing Authorization vulnerability in Reputeinfosystems Bookingpress The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. | 8.8 |
2024-07-16 | CVE-2024-3168 | Use After Free vulnerability in Google Chrome Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-3169 | Use After Free vulnerability in Google Chrome Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-3170 | Use After Free vulnerability in Google Chrome Use after free in WebRTC in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-3171 | Use After Free vulnerability in Google Chrome Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. | 8.8 | |
2024-07-16 | CVE-2024-3172 | Unspecified vulnerability in Google Chrome Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-3173 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 8.8 | |
2024-07-16 | CVE-2024-3174 | Unspecified vulnerability in Google Chrome Inappropriate implementation in V8 in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-3176 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | 8.8 | |
2024-07-16 | CVE-2024-40322 | Jfinalcms Project | SQL Injection vulnerability in Jfinalcms Project Jfinalcms 5.0.0 An issue was discovered in JFinalCMS v.5.0.0. | 8.8 |
2024-07-15 | CVE-2024-6746 | Easyspider | Path Traversal vulnerability in Easyspider 0.6.2 A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. | 8.8 |
2024-07-15 | CVE-2023-46801 | Apache | Deserialization of Untrusted Data vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis <= 1.5.0, data source management module, when adding Mysql data source, exists remote code execution vulnerability for java version < 1.8.0_241. | 8.8 |
2024-07-15 | CVE-2023-49566 | Apache | Deserialization of Untrusted Data vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis <=1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. | 8.8 |
2024-07-15 | CVE-2024-5630 | Elearningfreak | Unrestricted Upload of File with Dangerous Type vulnerability in Elearningfreak Insert or Embed Articulate Content The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. | 8.8 |
2024-07-15 | CVE-2024-6075 | Tipsandtricks HQ | Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | 8.8 |
2024-07-15 | CVE-2024-6737 | Electronic Official Document Management System Project | Unspecified vulnerability in Electronic Official Document Management System Project Electronic Official Document Management System The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote attackers with regular privileges to access the account settings functionality and create an administrator account. | 8.8 |
2024-07-15 | CVE-2024-6736 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0 A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. | 8.8 |
2024-07-15 | CVE-2024-6734 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 8.8 |
2024-07-15 | CVE-2024-6735 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 8.8 |
2024-07-16 | CVE-2024-21136 | Oracle | Unspecified vulnerability in Oracle Retail Xstore Office Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications (component: Security). | 8.6 |
2024-07-15 | CVE-2024-21513 | Langchain | Unspecified vulnerability in Langchain Langchain-Experimental Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code will attempt to call 'eval' on all values. | 8.5 |
2024-07-18 | CVE-2023-50304 | IBM | XXE vulnerability in IBM products IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
2024-07-16 | CVE-2024-21141 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 8.2 |
2024-07-19 | CVE-2024-41107 | Apache | Authentication Bypass by Spoofing vulnerability in Apache Cloudstack The CloudStack SAML authentication (disabled by default) does not enforce signature check. | 8.1 |
2024-07-16 | CVE-2024-21146 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL Accounts). | 8.1 | |
2024-07-16 | CVE-2024-21149 | Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite (component: Work Definition Issues). | 8.1 | |
2024-07-16 | CVE-2024-21152 | Vulnerability in the Oracle Process Manufacturing Financials product of Oracle E-Business Suite (component: Allocation Rules). | 8.1 | |
2024-07-16 | CVE-2024-21153 | Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management Specs). | 8.1 | |
2024-07-16 | CVE-2024-21167 | Vulnerability in the Oracle Trading Community product of Oracle E-Business Suite (component: Party Search UI). | 8.1 | |
2024-07-19 | CVE-2024-40724 | Assimp | Out-of-bounds Write vulnerability in Assimp Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. | 7.8 |
2024-07-18 | CVE-2024-41011 | Linux | Incorrect Calculation vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. | 7.8 |
2024-07-16 | CVE-2024-40637 | Getdbt | SQL Injection vulnerability in Getdbt DBT Core dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. | 7.8 |
2024-07-16 | CVE-2022-48834 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fix bug in pipe direction for control transfers The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: BOGUS control dir, pipe 80001e80 doesn't match bRequestType 0 WARNING: CPU: 0 PID: 3813 at drivers/usb/core/urb.c:412 usb_submit_urb+0x13a5/0x1970 drivers/usb/core/urb.c:410 Modules linked in: CPU: 0 PID: 3813 Comm: syz-executor122 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0 ... Call Trace: <TASK> usb_start_wait_urb+0x113/0x530 drivers/usb/core/message.c:58 usb_internal_control_msg drivers/usb/core/message.c:102 [inline] usb_control_msg+0x2a5/0x4b0 drivers/usb/core/message.c:153 usbtmc_ioctl_request drivers/usb/class/usbtmc.c:1947 [inline] The problem is that usbtmc_ioctl_request() uses usb_rcvctrlpipe() for all of its transfers, whether they are in or out. | 7.8 |
2024-07-16 | CVE-2022-48837 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow. | 7.8 |
2024-07-16 | CVE-2022-48847 | Linux | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix filter limit check In watch_queue_set_filter(), there are a couple of places where we check that the filter type value does not exceed what the type_filter bitmap can hold. | 7.8 |
2024-07-16 | CVE-2022-48848 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: # trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 1217 at kernel/tracepoint.c:404 tracepoint_probe_unregister+0x280/0x370 [...] CPU: 0 PID: 1217 Comm: trace-cmd Not tainted 5.17.0-rc6-next-20220307-nico+ #19 RIP: 0010:tracepoint_probe_unregister+0x280/0x370 [...] CR2: 00007ff919b29497 CR3: 0000000109da4005 CR4: 0000000000170ef0 Call Trace: <TASK> osnoise_workload_stop+0x36/0x90 tracing_set_tracer+0x108/0x260 tracing_set_trace_write+0x94/0xd0 ? __check_object_size.part.0+0x10a/0x150 ? selinux_file_permission+0x104/0x150 vfs_write+0xb5/0x290 ksys_write+0x5f/0xe0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7ff919a18127 [...] ---[ end trace 0000000000000000 ]--- The warning complains about an attempt to unregister an unregistered tracepoint. This happens on trace-cmd because it first stops tracing, and then switches the tracer to nop. | 7.8 |
2024-07-16 | CVE-2022-48851 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: staging: gdm724x: fix use after free in gdm_lte_rx() The netif_rx_ni() function frees the skb so we can't dereference it to save the skb->len. | 7.8 |
2024-07-16 | CVE-2022-48854 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: arc_emac: Fix use after free in arc_mdio_probe() If bus->state is equal to MDIOBUS_ALLOCATED, mdiobus_free(bus) will free the "bus". | 7.8 |
2024-07-16 | CVE-2022-48778 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped. | 7.8 |
2024-07-16 | CVE-2022-48779 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix use-after-free in ocelot_vlan_del() ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so if this is the same as the port's pvid_vlan which we access afterwards, what we're accessing is freed memory. Fix the bug by determining whether to clear ocelot_port->pvid_vlan prior to calling ocelot_vlan_member_del(). | 7.8 |
2024-07-16 | CVE-2022-48782 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use of memory after it is freed trace_mctp_key_acquire(key); ^~~~~~~~~~~~~~~~~~~~~~~~~~~ When mctp_key_add() fails, key is freed but then is later used in trace_mctp_key_acquire(). | 7.8 |
2024-07-16 | CVE-2022-48783 | Linux | Use After Free vulnerability in Linux Kernel 5.10.101/5.15.24/5.16.10 In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). | 7.8 |
2024-07-16 | CVE-2022-48787 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which then in iwlwifi calls iwl_drv_stop(), freeing the 'drv' struct. | 7.8 |
2024-07-16 | CVE-2022-48788 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state. | 7.8 |
2024-07-16 | CVE-2022-48789 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a race where this check is not reliable the error recovery work must flush async_event_work before continuing to destroy the admin queue after setting the ctrl state to RESETTING such that there is no race .submit_async_event and the error recovery handler itself changing the ctrl state. | 7.8 |
2024-07-16 | CVE-2022-48791 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). | 7.8 |
2024-07-16 | CVE-2022-48792 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_sata_completion(). In this case, the following are the two steps in handling those I/O completions: - Call complete() to inform the upper layer handler of completion of the I/O. - Release driver resources associated with the sas_task in pm8001_ccb_task_free() call. When complete() is called, the upper layer may free the sas_task. | 7.8 |
2024-07-16 | CVE-2022-48796 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential use-after-free during probe Kasan has reported the following use after free on dev->iommu. when a device probe fails and it is in process of freeing dev->iommu in dev_iommu_free function, a deferred_probe_work_func runs in parallel and tries to access dev->iommu->fwspec in of_iommu_configure path thus causing use after free. BUG: KASAN: use-after-free in of_iommu_configure+0xb4/0x4a4 Read of size 8 at addr ffffff87a2f1acb8 by task kworker/u16:2/153 Workqueue: events_unbound deferred_probe_work_func Call trace: dump_backtrace+0x0/0x33c show_stack+0x18/0x24 dump_stack_lvl+0x16c/0x1e0 print_address_description+0x84/0x39c __kasan_report+0x184/0x308 kasan_report+0x50/0x78 __asan_load8+0xc0/0xc4 of_iommu_configure+0xb4/0x4a4 of_dma_configure_id+0x2fc/0x4d4 platform_dma_configure+0x40/0x5c really_probe+0x1b4/0xb74 driver_probe_device+0x11c/0x228 __device_attach_driver+0x14c/0x304 bus_for_each_drv+0x124/0x1b0 __device_attach+0x25c/0x334 device_initial_probe+0x24/0x34 bus_probe_device+0x78/0x134 deferred_probe_work_func+0x130/0x1a8 process_one_work+0x4c8/0x970 worker_thread+0x5c8/0xaec kthread+0x1f8/0x220 ret_from_fork+0x10/0x18 Allocated by task 1: ____kasan_kmalloc+0xd4/0x114 __kasan_kmalloc+0x10/0x1c kmem_cache_alloc_trace+0xe4/0x3d4 __iommu_probe_device+0x90/0x394 probe_iommu_group+0x70/0x9c bus_for_each_dev+0x11c/0x19c bus_iommu_probe+0xb8/0x7d4 bus_set_iommu+0xcc/0x13c arm_smmu_bus_init+0x44/0x130 [arm_smmu] arm_smmu_device_probe+0xb88/0xc54 [arm_smmu] platform_drv_probe+0xe4/0x13c really_probe+0x2c8/0xb74 driver_probe_device+0x11c/0x228 device_driver_attach+0xf0/0x16c __driver_attach+0x80/0x320 bus_for_each_dev+0x11c/0x19c driver_attach+0x38/0x48 bus_add_driver+0x1dc/0x3a4 driver_register+0x18c/0x244 __platform_driver_register+0x88/0x9c init_module+0x64/0xff4 [arm_smmu] do_one_initcall+0x17c/0x2f0 do_init_module+0xe8/0x378 load_module+0x3f80/0x4a40 __se_sys_finit_module+0x1a0/0x1e4 __arm64_sys_finit_module+0x44/0x58 el0_svc_common+0x100/0x264 do_el0_svc+0x38/0xa4 el0_svc+0x20/0x30 el0_sync_handler+0x68/0xac el0_sync+0x160/0x180 Freed by task 1: kasan_set_track+0x4c/0x84 kasan_set_free_info+0x28/0x4c ____kasan_slab_free+0x120/0x15c __kasan_slab_free+0x18/0x28 slab_free_freelist_hook+0x204/0x2fc kfree+0xfc/0x3a4 __iommu_probe_device+0x284/0x394 probe_iommu_group+0x70/0x9c bus_for_each_dev+0x11c/0x19c bus_iommu_probe+0xb8/0x7d4 bus_set_iommu+0xcc/0x13c arm_smmu_bus_init+0x44/0x130 [arm_smmu] arm_smmu_device_probe+0xb88/0xc54 [arm_smmu] platform_drv_probe+0xe4/0x13c really_probe+0x2c8/0xb74 driver_probe_device+0x11c/0x228 device_driver_attach+0xf0/0x16c __driver_attach+0x80/0x320 bus_for_each_dev+0x11c/0x19c driver_attach+0x38/0x48 bus_add_driver+0x1dc/0x3a4 driver_register+0x18c/0x244 __platform_driver_register+0x88/0x9c init_module+0x64/0xff4 [arm_smmu] do_one_initcall+0x17c/0x2f0 do_init_module+0xe8/0x378 load_module+0x3f80/0x4a40 __se_sys_finit_module+0x1a0/0x1e4 __arm64_sys_finit_module+0x44/0x58 el0_svc_common+0x100/0x264 do_el0_svc+0x38/0xa4 el0_svc+0x20/0x30 el0_sync_handler+0x68/0xac el0_sync+0x160/0x180 Fix this by setting dev->iommu to NULL first and then freeing dev_iommu structure in dev_iommu_free function. | 7.8 |
2024-07-16 | CVE-2022-48822 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: f_fs: Fix use-after-free for epfile Consider a case where ffs_func_eps_disable is called from ffs_func_disable as part of composition switch and at the same time ffs_epfile_release get called from userspace. ffs_epfile_release will free up the read buffer and call ffs_data_closed which in turn destroys ffs->epfiles and mark it as NULL. | 7.8 |
2024-07-15 | CVE-2024-5402 | ABB | Unquoted Search Path or Element vulnerability in ABB Mint Workbench 5866/5868 Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868. | 7.8 |
2024-07-21 | CVE-2024-38435 | Unitronics | Unspecified vulnerability in Unitronics Vision PLC Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service | 7.5 |
2024-07-21 | CVE-2024-6944 | Zhongbangkeji | Deserialization of Untrusted Data vulnerability in Zhongbangkeji Crmeb A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. | 7.5 |
2024-07-19 | CVE-2024-41600 | Talelin | Unspecified vulnerability in Talelin Lin-Cms-Spring-Boot 0.2.0/0.2.1 Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. | 7.5 |
2024-07-19 | CVE-2024-32007 | Apache | Unspecified vulnerability in Apache CXF An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. | 7.5 |
2024-07-19 | CVE-2024-41172 | Apache | Memory Leak vulnerability in Apache CXF In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory | 7.5 |
2024-07-18 | CVE-2024-40898 | Apache | Server-Side Request Forgery (SSRF) vulnerability in Apache Http Server SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. | 7.5 |
2024-07-18 | CVE-2024-40764 | Sonicwall | Out-of-bounds Write vulnerability in Sonicwall Sonicos Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS). | 7.5 |
2024-07-17 | CVE-2024-6830 | Oretnom23 | SQL Injection vulnerability in Oretnom23 Simple Inventory Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Simple Inventory Management System 1.0. | 7.5 |
2024-07-16 | CVE-2024-21175 | Oracle | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 7.5 |
2024-07-16 | CVE-2024-21182 | Oracle | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 7.5 |
2024-07-16 | CVE-2024-21183 | Oracle | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 7.5 |
2024-07-16 | CVE-2019-16638 | Ruijie | Cleartext Storage of Sensitive Information vulnerability in Ruijie Eg-2000Se Firmware 11.1(1)B1 An issue was found on the Ruijie EG-2000 series gateway. | 7.5 |
2024-07-16 | CVE-2024-6089 | Rockwellautomation | Unspecified vulnerability in Rockwellautomation 5015-Aenftxt Firmware 2.011 An input validation vulnerability exists in the Rockwell Automation 5015 - AENFTXT when a manipulated PTP packet is sent, causing the secondary adapter to result in a major nonrecoverable fault. | 7.5 |
2024-07-15 | CVE-2024-23794 | Otrs | Unspecified vulnerability in Otrs An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. | 7.5 |
2024-07-15 | CVE-2024-39731 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2024-07-16 | CVE-2024-21147 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). | 7.4 | |
2024-07-20 | CVE-2024-6635 | The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. | 7.3 | |
2024-07-20 | CVE-2024-6637 | The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. | 7.3 | |
2024-07-21 | CVE-2024-6956 | Angeljudesuarez | SQL Injection vulnerability in Angeljudesuarez University Management System 1.0 A vulnerability was found in itsourcecode University Management System 1.0. | 7.2 |
2024-07-21 | CVE-2024-6940 | Dedecms | Code Injection vulnerability in Dedecms 5.7.112 A vulnerability was found in DedeCMS 5.7.114. | 7.2 |
2024-07-16 | CVE-2024-21184 | Oracle | Unspecified vulnerability in Oracle Database Server Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. | 7.2 |
2024-07-16 | CVE-2022-48855 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initialized if inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure to clear idiag_timer/idiag_retrans/idiag_expires and let inet_diag_msg_sctpasoc_fill() fill them again if needed. [1] BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline] BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 instrument_copy_to_user include/linux/instrumented.h:121 [inline] copyout lib/iov_iter.c:154 [inline] _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 copy_to_iter include/linux/uio.h:162 [inline] simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533 skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline] netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977 sock_recvmsg_nosec net/socket.c:948 [inline] sock_recvmsg net/socket.c:966 [inline] __sys_recvfrom+0x795/0xa10 net/socket.c:2097 __do_sys_recvfrom net/socket.c:2115 [inline] __se_sys_recvfrom net/socket.c:2111 [inline] __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit was created at: slab_post_alloc_hook mm/slab.h:737 [inline] slab_alloc_node mm/slub.c:3247 [inline] __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975 kmalloc_reserve net/core/skbuff.c:354 [inline] __alloc_skb+0x545/0xf90 net/core/skbuff.c:426 alloc_skb include/linux/skbuff.h:1158 [inline] netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248 __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373 netlink_dump_start include/linux/netlink.h:254 [inline] inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341 sock_diag_rcv_msg+0x24a/0x620 netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494 sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline] netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343 netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:705 [inline] sock_sendmsg net/socket.c:725 [inline] sock_write_iter+0x594/0x690 net/socket.c:1061 do_iter_readv_writev+0xa7f/0xc70 do_iter_write+0x52c/0x1500 fs/read_write.c:851 vfs_writev fs/read_write.c:924 [inline] do_writev+0x645/0xe00 fs/read_write.c:967 __do_sys_writev fs/read_write.c:1040 [inline] __se_sys_writev fs/read_write.c:1037 [inline] __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Bytes 68-71 of 2508 are uninitialized Memory access of size 2508 starts at ffff888114f9b000 Data copied to user address 00007f7fe09ff2e0 CPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 | 7.1 |
2024-07-16 | CVE-2022-48866 | Linux | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Syzbot reported an slab-out-of-bounds Read in thrustmaster_probe() bug. The root case is in missing validation check of actual number of endpoints. Code should not blindly access usb_host_interface::endpoint array, since it may contain less endpoints than code expects. Fix it by adding missing validaion check and print an error if number of endpoints do not match expected number | 7.1 |
2024-07-16 | CVE-2021-47624 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. | 7.1 |
2024-07-16 | CVE-2022-48820 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() This error path needs to decrement "usbphyc->n_pll_cons.counter" before returning. | 7.1 |
2024-07-16 | CVE-2024-1937 | The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_item' function in all versions up to, and including, 2.4.44. | 7.1 | |
2024-07-16 | CVE-2022-48858 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix a race on command flush flow Fix a refcount use after free warning due to a race on command entry. Such race occurs when one of the commands releases its last refcount and frees its index and entry while another process running command flush flow takes refcount to this command entry. | 7.0 |
2024-07-16 | CVE-2022-48790 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. | 7.0 |
231 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-07-18 | CVE-2023-40159 | Philips | Unspecified vulnerability in Philips VUE Pacs 12.2.8.0 A validated user not explicitly authorized to have access to certain sensitive information could access Philips Vue PACS on the same network to expose that information. | 6.5 |
2024-07-18 | CVE-2024-5620 | Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics Apinizer Management Console allows Authentication Bypass.This issue affects Apinizer Management Console: before 2024.05.1. | 6.5 | |
2024-07-17 | CVE-2024-40617 | Fujitsu | Path Traversal vulnerability in Fujitsu Network Edgiot Gw1500 Firmware Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). | 6.5 |
2024-07-16 | CVE-2020-36765 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 | |
2024-07-16 | CVE-2024-21168 | Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). | 6.5 | |
2024-07-16 | CVE-2024-21171 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 6.5 |
2024-07-16 | CVE-2024-21177 | Oracle | Unspecified vulnerability in Oracle Mysql Cluster and Mysql Server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 6.5 |
2024-07-16 | CVE-2024-2884 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 6.5 | |
2024-07-16 | CVE-2024-5500 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 | |
2024-07-16 | CVE-2024-5566 | Github | Unspecified vulnerability in Github Enterprise Server An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. | 6.5 |
2024-07-16 | CVE-2024-5795 | Github | Resource Exhaustion vulnerability in Github Enterprise Server A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. | 6.5 |
2024-07-16 | CVE-2024-5815 | Github | Cross-Site Request Forgery (CSRF) vulnerability in Github Enterprise Server A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. | 6.5 |
2024-07-16 | CVE-2024-5817 | Github | Incorrect Authorization vulnerability in Github Enterprise Server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed read access to issue content via GitHub Projects. | 6.5 |
2024-07-16 | CVE-2024-39036 | Seacms | Path Traversal vulnerability in Seacms 12.9 SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php. | 6.5 |
2024-07-16 | CVE-2024-6325 | Rockwellautomation | Incorrect Default Permissions vulnerability in Rockwellautomation Factorytalk Policy Manager 6.40.0 The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html and CVE-2022-1161. | 6.5 |
2024-07-15 | CVE-2024-39767 | Mattermost | Improper Authentication vulnerability in Mattermost Mobile 1.26.0/1.29.0/1.30.0 Mattermost Mobile Apps versions <=2.16.0 fail to validate that the push notifications received for a server actually came from this serve that which allows a malicious server to send push notifications with another server’s diagnostic ID or server URL and have them show up in mobile apps as that server’s push notifications. | 6.5 |
2024-07-15 | CVE-2023-41916 | Apache | Files or Directories Accessible to External Parties vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis =1.4.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. | 6.5 |
2024-07-20 | CVE-2024-2337 | The Easy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testimonials_grid ' shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 | |
2024-07-18 | CVE-2024-5554 | Bdthemes | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘onclick_event’ parameter in all versions up to, and including, 5.6.11 due to insufficient input sanitization and output escaping. | 6.4 |
2024-07-18 | CVE-2024-5555 | Bdthemes | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘social-link-title’ parameter in all versions up to, and including, 5.6.5 due to insufficient input sanitization and output escaping. | 6.4 |
2024-07-18 | CVE-2024-5964 | The Zenon Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-07-16 | CVE-2023-52886 | Linux | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 Read of size 8 at addr ffff88801e78b8c8 by task udevd/5011 CPU: 0 PID: 5011 Comm: udevd Not tainted 6.4.0-rc6-syzkaller-00195-g40f71e7cd3c6 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106 print_address_description.constprop.0+0x2c/0x3c0 mm/kasan/report.c:351 print_report mm/kasan/report.c:462 [inline] kasan_report+0x11c/0x130 mm/kasan/report.c:572 read_descriptors+0x263/0x280 drivers/usb/core/sysfs.c:883 ... Allocated by task 758: ... __do_kmalloc_node mm/slab_common.c:966 [inline] __kmalloc+0x5e/0x190 mm/slab_common.c:979 kmalloc include/linux/slab.h:563 [inline] kzalloc include/linux/slab.h:680 [inline] usb_get_configuration+0x1f7/0x5170 drivers/usb/core/config.c:887 usb_enumerate_device drivers/usb/core/hub.c:2407 [inline] usb_new_device+0x12b0/0x19d0 drivers/usb/core/hub.c:2545 As analyzed by Khazhy Kumykov, the cause of this bug is a race between read_descriptors() and hub_port_init(): The first routine uses a field in udev->descriptor, not expecting it to change, while the second overwrites it. Prior to commit 45bf39f8df7f ("USB: core: Don't hold device lock while reading the "descriptors" sysfs file") this race couldn't occur, because the routines were mutually exclusive thanks to the device locking. | 6.4 |
2024-07-16 | CVE-2024-4780 | The Image Hover Effects – Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eihe_link’ parameter in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. | 6.4 | |
2024-07-16 | CVE-2024-21170 | Oracle | Unspecified vulnerability in Oracle Mysql Connector/Python 8.4.0 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). | 6.3 |
2024-07-16 | CVE-2024-3175 | Unspecified vulnerability in Google Chrome Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. | 6.3 | |
2024-07-21 | CVE-2024-37459 | Payplus | Cross-site Scripting vulnerability in Payplus Payment Gateway Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PayPlus LTD PayPlus Payment Gateway allows Reflected XSS.This issue affects PayPlus Payment Gateway: from n/a through 6.6.8. | 6.1 |
2024-07-21 | CVE-2024-37461 | Northernbeacheswebsites | Cross-site Scripting vulnerability in Northernbeacheswebsites Ideapush Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.65. | 6.1 |
2024-07-21 | CVE-2024-37485 | Usestrict | Cross-site Scripting vulnerability in Usestrict Bbpress Notify Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vinny Alves (UseStrict Consulting) bbPress Notify allows Reflected XSS.This issue affects bbPress Notify: from n/a through 2.18.3. | 6.1 |
2024-07-21 | CVE-2024-38781 | Artistscope | Cross-site Scripting vulnerability in Artistscope Copysafe web Protection Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Reflected XSS.This issue affects CopySafe Web Protection: from n/a through 3.15. | 6.1 |
2024-07-21 | CVE-2024-6954 | Jkev | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 6.1 |
2024-07-21 | CVE-2024-6955 | Jkev | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 6.1 |
2024-07-21 | CVE-2024-37487 | Wpdirectorykit | Cross-site Scripting vulnerability in Wpdirectorykit WP Directory KIT Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectorykit.Com WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.3.5. | 6.1 |
2024-07-21 | CVE-2024-37509 | Makecommerce | Cross-site Scripting vulnerability in Makecommerce for Woocommerce Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maksekeskus AS MakeCommerce for WooCommerce allows Reflected XSS.This issue affects MakeCommerce for WooCommerce: from n/a through 3.5.1. | 6.1 |
2024-07-21 | CVE-2024-38436 | Commugen | Cross-site Scripting vulnerability in Commugen SOX 365 Commugen SOX 365 – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 6.1 |
2024-07-21 | CVE-2024-37559 | Henleyedition | Cross-site Scripting vulnerability in Henleyedition Counterpoint Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echenley Counterpoint allows Reflected XSS.This issue affects Counterpoint: from n/a through 1.8.1. | 6.1 |
2024-07-21 | CVE-2024-6939 | Xinhu | Cross-site Scripting vulnerability in Xinhu Rockoa 2.6.3 A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. | 6.1 |
2024-07-20 | CVE-2024-37954 | Marcelotorres | Cross-site Scripting vulnerability in Marcelotorres Simple Responsive Slider Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5. | 6.1 |
2024-07-20 | CVE-2024-40347 | Hyland | Cross-site Scripting vulnerability in Hyland Alfresco Content Services 7.2.0 A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid. | 6.1 |
2024-07-19 | CVE-2024-41599 | Ruoyi | Cross-site Scripting vulnerability in Ruoyi Cross Site Scripting vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the file upload method | 6.1 |
2024-07-19 | CVE-2024-38156 | Microsoft | Unspecified vulnerability in Microsoft Edge Microsoft Edge (Chromium-based) Spoofing Vulnerability | 6.1 |
2024-07-17 | CVE-2023-43971 | Lizhipay | Cross-site Scripting vulnerability in Lizhipay Acg-Faka 1.1.7 Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php. | 6.1 |
2024-07-16 | CVE-2024-21133 | Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Servlet). | 6.1 | |
2024-07-16 | CVE-2024-21150 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). | 6.1 | |
2024-07-16 | CVE-2024-21178 | Oracle | Cross-site Scripting vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60/8.61 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). | 6.1 |
2024-07-16 | CVE-2024-21188 | Oracle | Unspecified vulnerability in Oracle Financial Services Revenue Management and Billing 6.0.0.0.0/6.1.0.0.0 Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). | 6.1 |
2024-07-15 | CVE-2024-38493 | Broadcom | Cross-site Scripting vulnerability in Broadcom Symantec Privileged Access Management 4.1.0.0/4.1.0.10 A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. | 6.1 |
2024-07-15 | CVE-2024-6740 | Openfind | Cross-site Scripting vulnerability in Openfind Mail2000 7.0/8.0 Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks. | 6.1 |
2024-07-15 | CVE-2024-6072 | Tipsandtricks HQ | Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | 6.1 |
2024-07-15 | CVE-2024-6073 | Tipsandtricks HQ | Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |
2024-07-15 | CVE-2024-6074 | Tipsandtricks HQ | Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |
2024-07-15 | CVE-2024-6076 | Tipsandtricks HQ | Cross-site Scripting vulnerability in Tipsandtricks-Hq WP Estore The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |
2024-07-15 | CVE-2024-6289 | Wpserveur | Open Redirect vulnerability in Wpserveur WPS Hide Login The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page. | 6.1 |
2024-07-15 | CVE-2024-6739 | Openfind | Incorrect Permission Assignment for Critical Resource vulnerability in Openfind Mailaudit and Mailgates The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS. | 6.1 |
2024-07-18 | CVE-2023-40539 | Philips | Weak Password Requirements vulnerability in Philips VUE Pacs 12.2.8.0 Philips Vue PACS does not require that users have strong passwords, which could make it easier for attackers to compromise user accounts. | 5.9 |
2024-07-16 | CVE-2024-21166 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 5.9 |
2024-07-16 | CVE-2024-21126 | Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. | 5.8 | |
2024-07-19 | CVE-2024-6916 | Zowe | Insecure Storage of Sensitive Information vulnerability in Zowe CLI A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag. | 5.5 |
2024-07-18 | CVE-2024-6705 | The RegLevel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. | 5.5 | |
2024-07-17 | CVE-2024-41009 | Linux | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer counter to show which logical position the consumer consumed the data, and producer_pos which is the producer counter denoting the amount of data reserved by all producers. Each time a record is reserved, the producer that "owns" the record will successfully advance producer counter. | 5.5 |
2024-07-17 | CVE-2024-41010 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that the tcx_entry can be released too early leading to a use after free (UAF) when an active old-style ingress or clsact qdisc with a shared tc block is later replaced by another ingress or clsact instance. Essentially, the sequence to trigger the UAF (one example) can be as follows: 1. | 5.5 |
2024-07-16 | CVE-2022-35640 | IBM | Information Exposure Through an Error Message vulnerability in IBM Sterling Partner Engagement Manager 6.2.2 IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. | 5.5 |
2024-07-16 | CVE-2024-21161 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 5.5 |
2024-07-16 | CVE-2024-21163 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 5.5 |
2024-07-16 | CVE-2024-6326 | Rockwellautomation | Incorrect Default Permissions vulnerability in Rockwellautomation products An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. | 5.5 |
2024-07-16 | CVE-2022-48835 | Linux | Release of Invalid Pointer or Reference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in reply q processing A page fault was encountered in mpt3sas on a LUN reset error path: [ 145.763216] mpt3sas_cm1: Task abort tm failed: handle(0x0002),timeout(30) tr_method(0x0) smid(3) msix_index(0) [ 145.778932] scsi 1:0:0:0: task abort: FAILED scmd(0x0000000024ba29a2) [ 145.817307] scsi 1:0:0:0: attempting device reset! scmd(0x0000000024ba29a2) [ 145.827253] scsi 1:0:0:0: [sg1] tag#2 CDB: Receive Diagnostic 1c 01 01 ff fc 00 [ 145.837617] scsi target1:0:0: handle(0x0002), sas_address(0x500605b0000272b9), phy(0) [ 145.848598] scsi target1:0:0: enclosure logical id(0x500605b0000272b8), slot(0) [ 149.858378] mpt3sas_cm1: Poll ReplyDescriptor queues for completion of smid(0), task_type(0x05), handle(0x0002) [ 149.875202] BUG: unable to handle page fault for address: 00000007fffc445d [ 149.885617] #PF: supervisor read access in kernel mode [ 149.894346] #PF: error_code(0x0000) - not-present page [ 149.903123] PGD 0 P4D 0 [ 149.909387] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 149.917417] CPU: 24 PID: 3512 Comm: scsi_eh_1 Kdump: loaded Tainted: G S O 5.10.89-altav-1 #1 [ 149.934327] Hardware name: DDN 200NVX2 /200NVX2-MB , BIOS ATHG2.2.02.01 09/10/2021 [ 149.951871] RIP: 0010:_base_process_reply_queue+0x4b/0x900 [mpt3sas] [ 149.961889] Code: 0f 84 22 02 00 00 8d 48 01 49 89 fd 48 8d 57 38 f0 0f b1 4f 38 0f 85 d8 01 00 00 49 8b 45 10 45 31 e4 41 8b 55 0c 48 8d 1c d0 <0f> b6 03 83 e0 0f 3c 0f 0f 85 a2 00 00 00 e9 e6 01 00 00 0f b7 ee [ 149.991952] RSP: 0018:ffffc9000f1ebcb8 EFLAGS: 00010246 [ 150.000937] RAX: 0000000000000055 RBX: 00000007fffc445d RCX: 000000002548f071 [ 150.011841] RDX: 00000000ffff8881 RSI: 0000000000000001 RDI: ffff888125ed50d8 [ 150.022670] RBP: 0000000000000000 R08: 0000000000000000 R09: c0000000ffff7fff [ 150.033445] R10: ffffc9000f1ebb68 R11: ffffc9000f1ebb60 R12: 0000000000000000 [ 150.044204] R13: ffff888125ed50d8 R14: 0000000000000080 R15: 34cdc00034cdea80 [ 150.054963] FS: 0000000000000000(0000) GS:ffff88dfaf200000(0000) knlGS:0000000000000000 [ 150.066715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.076078] CR2: 00000007fffc445d CR3: 000000012448a006 CR4: 0000000000770ee0 [ 150.086887] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 150.097670] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 150.108323] PKRU: 55555554 [ 150.114690] Call Trace: [ 150.120497] ? printk+0x48/0x4a [ 150.127049] mpt3sas_scsih_issue_tm.cold.114+0x2e/0x2b3 [mpt3sas] [ 150.136453] mpt3sas_scsih_issue_locked_tm+0x86/0xb0 [mpt3sas] [ 150.145759] scsih_dev_reset+0xea/0x300 [mpt3sas] [ 150.153891] scsi_eh_ready_devs+0x541/0x9e0 [scsi_mod] [ 150.162206] ? __scsi_host_match+0x20/0x20 [scsi_mod] [ 150.170406] ? scsi_try_target_reset+0x90/0x90 [scsi_mod] [ 150.178925] ? blk_mq_tagset_busy_iter+0x45/0x60 [ 150.186638] ? scsi_try_target_reset+0x90/0x90 [scsi_mod] [ 150.195087] scsi_error_handler+0x3a5/0x4a0 [scsi_mod] [ 150.203206] ? __schedule+0x1e9/0x610 [ 150.209783] ? scsi_eh_get_sense+0x210/0x210 [scsi_mod] [ 150.217924] kthread+0x12e/0x150 [ 150.224041] ? kthread_worker_fn+0x130/0x130 [ 150.231206] ret_from_fork+0x1f/0x30 This is caused by mpt3sas_base_sync_reply_irqs() using an invalid reply_q pointer outside of the list_for_each_entry() loop. | 5.5 |
2024-07-16 | CVE-2022-48836 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrong endpoint type. | 5.5 |
2024-07-16 | CVE-2022-48838 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.c:2320 Read of size 8 at addr ffff88802b934098 by task udevd/3689 CPU: 2 PID: 3689 Comm: udevd Not tainted 5.17.0-rc4-syzkaller-00229-g4f12b742eb2b #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0x8d/0x303 mm/kasan/report.c:255 __kasan_report mm/kasan/report.c:442 [inline] kasan_report.cold+0x83/0xdf mm/kasan/report.c:459 dev_uevent+0x712/0x780 drivers/base/core.c:2320 uevent_show+0x1b8/0x380 drivers/base/core.c:2391 dev_attr_show+0x4b/0x90 drivers/base/core.c:2094 Although the bug manifested in the driver core, the real cause was a race with the gadget core. | 5.5 |
2024-07-16 | CVE-2022-48839 | Linux | Out-of-bounds Read vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net/packet: fix slab-out-of-bounds access in packet_recvmsg() syzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH and mmap operations, tpacket_rcv() is queueing skbs with garbage in skb->cb[], triggering a too big copy [1] Presumably, users of af_packet using mmap() already gets correct metadata from the mapped buffer, we can simply make sure to clear 12 bytes that might be copied to user space later. BUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline] BUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489 Write of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631 CPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255 __kasan_report mm/kasan/report.c:442 [inline] kasan_report.cold+0x83/0xdf mm/kasan/report.c:459 check_region_inline mm/kasan/generic.c:183 [inline] kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189 memcpy+0x39/0x60 mm/kasan/shadow.c:66 memcpy include/linux/fortify-string.h:225 [inline] packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489 sock_recvmsg_nosec net/socket.c:948 [inline] sock_recvmsg net/socket.c:966 [inline] sock_recvmsg net/socket.c:962 [inline] ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632 ___sys_recvmsg+0x127/0x200 net/socket.c:2674 __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fdfd5954c29 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29 RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60 R13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54 </TASK> addr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame: ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246 this frame has 1 object: [32, 160) 'addr' Memory state around the buggy address: ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 >ffffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3 ^ ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00 ================================================================== | 5.5 |
2024-07-16 | CVE-2022-48840 | Linux | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: iavf: Fix hang during reboot/shutdown Recent commit 974578017fc1 ("iavf: Add waiting so the port is initialized in remove") adds a wait-loop at the beginning of iavf_remove() to ensure that port initialization is finished prior unregistering net device. | 5.5 |
2024-07-16 | CVE-2022-48841 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() It is possible to do NULL pointer dereference in routine that updates Tx ring stats. | 5.5 |
2024-07-16 | CVE-2022-48843 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. So if the driver tries to call drm core set prop function without it being attached that causes NULL dereference. | 5.5 |
2024-07-16 | CVE-2022-48844 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix leaking sent_cmd skb sent_cmd memory is not freed before freeing hci_dev causing it to leak it contents. | 5.5 |
2024-07-16 | CVE-2022-48845 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIG_SCHED_CORE (landed during 5.14 cycle), 2-core 2-thread-per-core interAptiv (CPS-driven) started emitting the following: [ 0.025698] CPU1 revision is: 0001a120 (MIPS interAptiv (multi)) [ 0.048183] ------------[ cut here ]------------ [ 0.048187] WARNING: CPU: 1 PID: 0 at kernel/sched/core.c:6025 sched_core_cpu_starting+0x198/0x240 [ 0.048220] Modules linked in: [ 0.048233] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.17.0-rc3+ #35 b7b319f24073fd9a3c2aa7ad15fb7993eec0b26f [ 0.048247] Stack : 817f0000 00000004 327804c8 810eb050 00000000 00000004 00000000 c314fdd1 [ 0.048278] 830cbd64 819c0000 81800000 817f0000 83070bf4 00000001 830cbd08 00000000 [ 0.048307] 00000000 00000000 815fcbc4 00000000 00000000 00000000 00000000 00000000 [ 0.048334] 00000000 00000000 00000000 00000000 817f0000 00000000 00000000 817f6f34 [ 0.048361] 817f0000 818a3c00 817f0000 00000004 00000000 00000000 4dc33260 0018c933 [ 0.048389] ... [ 0.048396] Call Trace: [ 0.048399] [<8105a7bc>] show_stack+0x3c/0x140 [ 0.048424] [<8131c2a0>] dump_stack_lvl+0x60/0x80 [ 0.048440] [<8108b5c0>] __warn+0xc0/0xf4 [ 0.048454] [<8108b658>] warn_slowpath_fmt+0x64/0x10c [ 0.048467] [<810bd418>] sched_core_cpu_starting+0x198/0x240 [ 0.048483] [<810c6514>] sched_cpu_starting+0x14/0x80 [ 0.048497] [<8108c0f8>] cpuhp_invoke_callback_range+0x78/0x140 [ 0.048510] [<8108d914>] notify_cpu_starting+0x94/0x140 [ 0.048523] [<8106593c>] start_secondary+0xbc/0x280 [ 0.048539] [ 0.048543] ---[ end trace 0000000000000000 ]--- [ 0.048636] Synchronize counters for CPU 1: done. ...for each but CPU 0/boot. Basic debug printks right before the mentioned line say: [ 0.048170] CPU: 1, smt_mask: So smt_mask, which is sibling mask obviously, is empty when entering the function. This is critical, as sched_core_cpu_starting() calculates core-scheduling parameters only once per CPU start, and it's crucial to have all the parameters filled in at that moment (at least it uses cpu_smt_mask() which in fact is `&cpu_sibling_map[cpu]` on MIPS). A bit of debugging led me to that set_cpu_sibling_map() performing the actual map calculation, was being invocated after notify_cpu_start(), and exactly the latter function starts CPU HP callback round (sched_core_cpu_starting() is basically a CPU HP callback). While the flow is same on ARM64 (maps after the notifier, although before calling set_cpu_online()), x86 started calculating sibling maps earlier than starting the CPU HP callbacks in Linux 4.14 (see [0] for the reference). | 5.5 |
2024-07-16 | CVE-2022-48846 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: block: release rq qos structures for queue without disk blkcg_init_queue() may add rq qos structures to request queue, previously blk_cleanup_queue() calls rq_qos_exit() to release them, but commit 8e141f9eb803 ("block: drain file system I/O on del_gendisk") moves rq_qos_exit() into del_gendisk(), so memory leak is caused because queues may not have disk, such as un-present scsi luns, nvme admin queue, ... Fixes the issue by adding rq_qos_exit() to blk_cleanup_queue() back. BTW, v5.18 won't need this patch any more since we move blkcg_init_queue()/blkcg_exit_queue() into disk allocation/release handler, and patches have been in for-5.18/block. | 5.5 |
2024-07-16 | CVE-2022-48849 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bypass tiling flag check in virtual display case (v2) vkms leverages common amdgpu framebuffer creation, and also as it does not support FB modifier, there is no need to check tiling flags when initing framebuffer when virtual display is enabled. This can fix below calltrace: amdgpu 0000:00:08.0: GFX9+ requires FB check based on format modifier WARNING: CPU: 0 PID: 1023 at drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu] v2: check adev->enable_virtual_display instead as vkms can be enabled in bare metal as well. | 5.5 |
2024-07-16 | CVE-2022-48850 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speed_show When bringing down the netdevice or system shutdown, a panic can be triggered while accessing the sysfs path because the device is already removed. [ 755.549084] mlx5_core 0000:12:00.1: Shutdown was called [ 756.404455] mlx5_core 0000:12:00.0: Shutdown was called ... [ 757.937260] BUG: unable to handle kernel NULL pointer dereference at (null) [ 758.031397] IP: [<ffffffff8ee11acb>] dma_pool_alloc+0x1ab/0x280 crash> bt ... PID: 12649 TASK: ffff8924108f2100 CPU: 1 COMMAND: "amsd" ... #9 [ffff89240e1a38b0] page_fault at ffffffff8f38c778 [exception RIP: dma_pool_alloc+0x1ab] RIP: ffffffff8ee11acb RSP: ffff89240e1a3968 RFLAGS: 00010046 RAX: 0000000000000246 RBX: ffff89243d874100 RCX: 0000000000001000 RDX: 0000000000000000 RSI: 0000000000000246 RDI: ffff89243d874090 RBP: ffff89240e1a39c0 R8: 000000000001f080 R9: ffff8905ffc03c00 R10: ffffffffc04680d4 R11: ffffffff8edde9fd R12: 00000000000080d0 R13: ffff89243d874090 R14: ffff89243d874080 R15: 0000000000000000 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 #10 [ffff89240e1a39c8] mlx5_alloc_cmd_msg at ffffffffc04680f3 [mlx5_core] #11 [ffff89240e1a3a18] cmd_exec at ffffffffc046ad62 [mlx5_core] #12 [ffff89240e1a3ab8] mlx5_cmd_exec at ffffffffc046b4fb [mlx5_core] #13 [ffff89240e1a3ae8] mlx5_core_access_reg at ffffffffc0475434 [mlx5_core] #14 [ffff89240e1a3b40] mlx5e_get_fec_caps at ffffffffc04a7348 [mlx5_core] #15 [ffff89240e1a3bb0] get_fec_supported_advertised at ffffffffc04992bf [mlx5_core] #16 [ffff89240e1a3c08] mlx5e_get_link_ksettings at ffffffffc049ab36 [mlx5_core] #17 [ffff89240e1a3ce8] __ethtool_get_link_ksettings at ffffffff8f25db46 #18 [ffff89240e1a3d48] speed_show at ffffffff8f277208 #19 [ffff89240e1a3dd8] dev_attr_show at ffffffff8f0b70e3 #20 [ffff89240e1a3df8] sysfs_kf_seq_show at ffffffff8eedbedf #21 [ffff89240e1a3e18] kernfs_seq_show at ffffffff8eeda596 #22 [ffff89240e1a3e28] seq_read at ffffffff8ee76d10 #23 [ffff89240e1a3e98] kernfs_fop_read at ffffffff8eedaef5 #24 [ffff89240e1a3ed8] vfs_read at ffffffff8ee4e3ff #25 [ffff89240e1a3f08] sys_read at ffffffff8ee4f27f #26 [ffff89240e1a3f50] system_call_fastpath at ffffffff8f395f92 crash> net_device.state ffff89443b0c0000 state = 0x5 (__LINK_STATE_START| __LINK_STATE_NOCARRIER) To prevent this scenario, we also make sure that the netdevice is present. | 5.5 |
2024-07-16 | CVE-2022-48853 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happens follows: 1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV and a corresponding dxferp. | 5.5 |
2024-07-16 | CVE-2022-48856 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: gianfar: ethtool: Fix refcount leak in gfar_get_ts_info The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount. | 5.5 |
2024-07-16 | CVE-2022-48857 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100_send_complete Syzbot reported UAF in port100_send_complete(). | 5.5 |
2024-07-16 | CVE-2022-48859 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr This node pointer is returned by of_find_compatible_node() with refcount incremented. | 5.5 |
2024-07-16 | CVE-2022-48860 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemaclite_of_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. | 5.5 |
2024-07-16 | CVE-2022-48861 | Linux | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: vdpa: fix use-after-free on vp_vdpa_remove When vp_vdpa driver is unbind, vp_vdpa is freed in vdpa_unregister_device and then vp_vdpa->mdev.pci_dev is dereferenced in vp_modern_remove, triggering use-after-free. Call Trace of unbinding driver free vp_vdpa : do_syscall_64 vfs_write kernfs_fop_write_iter device_release_driver_internal pci_device_remove vp_vdpa_remove vdpa_unregister_device kobject_release device_release kfree Call Trace of dereference vp_vdpa->mdev.pci_dev: vp_modern_remove pci_release_selected_regions pci_release_region pci_resource_len pci_resource_end (dev)->resource[(bar)].end | 5.5 |
2024-07-16 | CVE-2022-48862 | Linux | Infinite Loop vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhost_iotlb_add_range_ctx(), range size can overflow to 0 when start is 0 and last is ULONG_MAX. | 5.5 |
2024-07-16 | CVE-2022-48863 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix memory leak in dsp_pipeline_build() dsp_pipeline_build() allocates dup pointer by kstrdup(cfg), but then it updates dup variable by strsep(&dup, "|"). As a result when it calls kfree(dup), the dup variable contains NULL. Found by Linux Driver Verification project (linuxtesting.org) with SVACE. | 5.5 |
2024-07-16 | CVE-2022-48864 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command When control vq receives a VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command request from the driver, presently there is no validation against the number of queue pairs to configure, or even if multiqueue had been negotiated or not is unverified. | 5.5 |
2024-07-16 | CVE-2022-48865 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: [ 4.498085] RIP: 0010:tipc_mon_prep+0x4e/0x130 [tipc] ... [ 4.520030] Call Trace: [ 4.520689] <IRQ> [ 4.521236] tipc_link_build_proto_msg+0x375/0x750 [tipc] [ 4.522654] tipc_link_build_state_msg+0x48/0xc0 [tipc] [ 4.524034] __tipc_node_link_up+0xd7/0x290 [tipc] [ 4.525292] tipc_rcv+0x5da/0x730 [tipc] [ 4.526346] ? __netif_receive_skb_core+0xb7/0xfc0 [ 4.527601] tipc_l2_rcv_msg+0x5e/0x90 [tipc] [ 4.528737] __netif_receive_skb_list_core+0x20b/0x260 [ 4.530068] netif_receive_skb_list_internal+0x1bf/0x2e0 [ 4.531450] ? dev_gro_receive+0x4c2/0x680 [ 4.532512] napi_complete_done+0x6f/0x180 [ 4.533570] virtnet_poll+0x29c/0x42e [virtio_net] ... The node in question is receiving activate messages in another thread after changing bearer status to allow message sending/ receiving in current thread: thread 1 | thread 2 -------- | -------- | tipc_enable_bearer() | test_and_set_bit_lock() | tipc_bearer_xmit_skb() | | tipc_l2_rcv_msg() | tipc_rcv() | __tipc_node_link_up() | tipc_link_build_state_msg() | tipc_link_build_proto_msg() | tipc_mon_prep() | { | ... | // null-pointer dereference | u16 gen = mon->dom_gen; | ... | } // Not being executed yet | tipc_mon_create() | { | ... | 5.5 |
2024-07-16 | CVE-2021-47622 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler() queues work that calls ufshcd_err_handler() - ufshcd_err_handler() locks up as follows: Workqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Call trace: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 schedule+0x12c/0x298 blk_mq_get_tag+0x210/0x480 __blk_mq_alloc_request+0x1c8/0x284 blk_get_request+0x74/0x134 ufshcd_exec_dev_cmd+0x68/0x640 ufshcd_verify_dev_init+0x68/0x35c ufshcd_probe_hba+0x12c/0x1cb8 ufshcd_host_reset_and_restore+0x88/0x254 ufshcd_reset_and_restore+0xd0/0x354 ufshcd_err_handler+0x408/0xc58 process_one_work+0x24c/0x66c worker_thread+0x3e8/0xa4c kthread+0x150/0x1b4 ret_from_fork+0x10/0x30 Fix this lockup by making ufshcd_exec_dev_cmd() allocate a reserved request. | 5.5 |
2024-07-16 | CVE-2022-48773 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries free them, resulting in an Oops. | 5.5 |
2024-07-16 | CVE-2022-48775 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Fix memory leak by calling kobject_put(). | 5.5 |
2024-07-16 | CVE-2022-48777 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the parser logic by first checking the real partition number and then allocate the space and set the data for the valid partitions. The logic was also fundamentally wrong as with a skipped partition, the parts number returned was incorrect by not decreasing it for the skipped partitions. | 5.5 |
2024-07-16 | CVE-2022-48781 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - get rid of alg_memory_allocated alg_memory_allocated does not seem to be really used. alg_proto does have a .memory_allocated field, but no corresponding .sysctl_mem. This means sk_has_account() returns true, but all sk_prot_mem_limits() users will trigger a NULL dereference [1]. THis was not a problem until SO_RESERVE_MEM addition. general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 1 PID: 3591 Comm: syz-executor153 Not tainted 5.17.0-rc3-syzkaller-00316-gb81b1829e7e3 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:sk_prot_mem_limits include/net/sock.h:1523 [inline] RIP: 0010:sock_reserve_memory+0x1d7/0x330 net/core/sock.c:1000 Code: 08 00 74 08 48 89 ef e8 27 20 bb f9 4c 03 7c 24 10 48 8b 6d 00 48 83 c5 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fb 1f bb f9 48 8b 6d 00 4c 89 ff 48 RSP: 0018:ffffc90001f1fb68 EFLAGS: 00010202 RAX: 0000000000000001 RBX: ffff88814aabc000 RCX: dffffc0000000000 RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff90e18120 RBP: 0000000000000008 R08: dffffc0000000000 R09: fffffbfff21c3025 R10: fffffbfff21c3025 R11: 0000000000000000 R12: ffffffff8d109840 R13: 0000000000001002 R14: 0000000000000001 R15: 0000000000000001 FS: 0000555556e08300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc74416f130 CR3: 0000000073d9e000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> sock_setsockopt+0x14a9/0x3a30 net/core/sock.c:1446 __sys_setsockopt+0x5af/0x980 net/socket.c:2176 __do_sys_setsockopt net/socket.c:2191 [inline] __se_sys_setsockopt net/socket.c:2188 [inline] __x64_sys_setsockopt+0xb1/0xc0 net/socket.c:2188 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fc7440fddc9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffe98f07968 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc7440fddc9 RDX: 0000000000000049 RSI: 0000000000000001 RDI: 0000000000000004 RBP: 0000000000000000 R08: 0000000000000004 R09: 00007ffe98f07990 R10: 0000000020000000 R11: 0000000000000246 R12: 00007ffe98f0798c R13: 00007ffe98f079a0 R14: 00007ffe98f079e0 R15: 0000000000000000 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:sk_prot_mem_limits include/net/sock.h:1523 [inline] RIP: 0010:sock_reserve_memory+0x1d7/0x330 net/core/sock.c:1000 Code: 08 00 74 08 48 89 ef e8 27 20 bb f9 4c 03 7c 24 10 48 8b 6d 00 48 83 c5 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fb 1f bb f9 48 8b 6d 00 4c 89 ff 48 RSP: 0018:ffffc90001f1fb68 EFLAGS: 00010202 RAX: 0000000000000001 RBX: ffff88814aabc000 RCX: dffffc0000000000 RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff90e18120 RBP: 0000000000000008 R08: dffffc0000000000 R09: fffffbfff21c3025 R10: fffffbfff21c3025 R11: 0000000000000000 R12: ffffffff8d109840 R13: 0000000000001002 R14: 0000000000000001 R15: 0000000000000001 FS: 0000555556e08300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc74416f130 CR3: 0000000073d9e000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 | 5.5 |
2024-07-16 | CVE-2022-48793 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fix potential NULL derefernce on nested migration Turns out that due to review feedback and/or rebases I accidentally moved the call to nested_svm_load_cr3 to be too early, before the NPT is enabled, which is very wrong to do. KVM can't even access guest memory at that point as nested NPT is needed for that, and of course it won't initialize the walk_mmu, which is main issue the patch was addressing. Fix this for real. | 5.5 |
2024-07-16 | CVE-2022-48800 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: remove deadlock due to throttling failing to make progress A soft lockup bug in kcompactd was reported in a private bugzilla with the following visible in dmesg; watchdog: BUG: soft lockup - CPU#33 stuck for 26s! [kcompactd0:479] watchdog: BUG: soft lockup - CPU#33 stuck for 52s! [kcompactd0:479] watchdog: BUG: soft lockup - CPU#33 stuck for 78s! [kcompactd0:479] watchdog: BUG: soft lockup - CPU#33 stuck for 104s! [kcompactd0:479] The machine had 256G of RAM with no swap and an earlier failed allocation indicated that node 0 where kcompactd was run was potentially unreclaimable; Node 0 active_anon:29355112kB inactive_anon:2913528kB active_file:0kB inactive_file:0kB unevictable:64kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:26780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 23480320kB writeback_tmp:0kB kernel_stack:2272kB pagetables:24500kB all_unreclaimable? yes Vlastimil Babka investigated a crash dump and found that a task migrating pages was trying to drain PCP lists; PID: 52922 TASK: ffff969f820e5000 CPU: 19 COMMAND: "kworker/u128:3" Call Trace: __schedule schedule schedule_timeout wait_for_completion __flush_work __drain_all_pages __alloc_pages_slowpath.constprop.114 __alloc_pages alloc_migration_target migrate_pages migrate_to_node do_migrate_pages cpuset_migrate_mm_workfn process_one_work worker_thread kthread ret_from_fork This failure is specific to CONFIG_PREEMPT=n builds. | 5.5 |
2024-07-16 | CVE-2022-48804 | Linux | Integer Underflow (Wrap or Wraparound) vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate array_index_nospec ensures that an out-of-bounds value is set to zero on the transient path. | 5.5 |
2024-07-16 | CVE-2022-48808 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master (dpaa2-eth) is up, the following panic can be seen: systemd-shutdown[1]: Rebooting. Unable to handle kernel paging request at virtual address 00a0000800000041 [00a0000800000041] address between user and kernel address ranges Internal error: Oops: 96000004 [#1] PREEMPT SMP CPU: 6 PID: 1 Comm: systemd-shutdow Not tainted 5.16.5-00042-g8f5585009b24 #32 pc : dsa_slave_netdevice_event+0x130/0x3e4 lr : raw_notifier_call_chain+0x50/0x6c Call trace: dsa_slave_netdevice_event+0x130/0x3e4 raw_notifier_call_chain+0x50/0x6c call_netdevice_notifiers_info+0x54/0xa0 __dev_close_many+0x50/0x130 dev_close_many+0x84/0x120 unregister_netdevice_many+0x130/0x710 unregister_netdevice_queue+0x8c/0xd0 unregister_netdev+0x20/0x30 dpaa2_eth_remove+0x68/0x190 fsl_mc_driver_remove+0x20/0x5c __device_release_driver+0x21c/0x220 device_release_driver_internal+0xac/0xb0 device_links_unbind_consumers+0xd4/0x100 __device_release_driver+0x94/0x220 device_release_driver+0x28/0x40 bus_remove_device+0x118/0x124 device_del+0x174/0x420 fsl_mc_device_remove+0x24/0x40 __fsl_mc_device_remove+0xc/0x20 device_for_each_child+0x58/0xa0 dprc_remove+0x90/0xb0 fsl_mc_driver_remove+0x20/0x5c __device_release_driver+0x21c/0x220 device_release_driver+0x28/0x40 bus_remove_device+0x118/0x124 device_del+0x174/0x420 fsl_mc_bus_remove+0x80/0x100 fsl_mc_bus_shutdown+0xc/0x1c platform_shutdown+0x20/0x30 device_shutdown+0x154/0x330 __do_sys_reboot+0x1cc/0x250 __arm64_sys_reboot+0x20/0x30 invoke_syscall.constprop.0+0x4c/0xe0 do_el0_svc+0x4c/0x150 el0_svc+0x24/0xb0 el0t_64_sync_handler+0xa8/0xb0 el0t_64_sync+0x178/0x17c It can be seen from the stack trace that the problem is that the deregistration of the master causes a dev_close(), which gets notified as NETDEV_GOING_DOWN to dsa_slave_netdevice_event(). But dsa_switch_shutdown() has already run, and this has unregistered the DSA slave interfaces, and yet, the NETDEV_GOING_DOWN handler attempts to call dev_close_many() on those slave interfaces, leading to the problem. The previous attempt to avoid the NETDEV_GOING_DOWN on the master after dsa_switch_shutdown() was called seems improper. | 5.5 |
2024-07-16 | CVE-2022-48809 | Linux | Memory Leak vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to have a non-shared dst+metadata attached to a specific skb. The issue is the uncloned dst+metadata is initialized with a refcount of 1, which is increased to 2 before attaching it to the skb. | 5.5 |
2024-07-16 | CVE-2022-48824 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrs_detect(), cs->disable_intr is NULL when privdata->hw_init() fails with non-zero. | 5.5 |
2024-07-16 | CVE-2022-48826 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix deadlock on DSI device attach error DSI device attach to DSI host will be done with host device's lock held. Un-registering host in "device attach" error path (ex: probe retry) will result in deadlock with below call trace and non operational DSI display. Startup Call trace: [ 35.043036] rt_mutex_slowlock.constprop.21+0x184/0x1b8 [ 35.043048] mutex_lock_nested+0x7c/0xc8 [ 35.043060] device_del+0x4c/0x3e8 [ 35.043075] device_unregister+0x20/0x40 [ 35.043082] mipi_dsi_remove_device_fn+0x18/0x28 [ 35.043093] device_for_each_child+0x68/0xb0 [ 35.043105] mipi_dsi_host_unregister+0x40/0x90 [ 35.043115] vc4_dsi_host_attach+0xf0/0x120 [vc4] [ 35.043199] mipi_dsi_attach+0x30/0x48 [ 35.043209] tc358762_probe+0x128/0x164 [tc358762] [ 35.043225] mipi_dsi_drv_probe+0x28/0x38 [ 35.043234] really_probe+0xc0/0x318 [ 35.043244] __driver_probe_device+0x80/0xe8 [ 35.043254] driver_probe_device+0xb8/0x118 [ 35.043263] __device_attach_driver+0x98/0xe8 [ 35.043273] bus_for_each_drv+0x84/0xd8 [ 35.043281] __device_attach+0xf0/0x150 [ 35.043290] device_initial_probe+0x1c/0x28 [ 35.043300] bus_probe_device+0xa4/0xb0 [ 35.043308] deferred_probe_work_func+0xa0/0xe0 [ 35.043318] process_one_work+0x254/0x700 [ 35.043330] worker_thread+0x4c/0x448 [ 35.043339] kthread+0x19c/0x1a8 [ 35.043348] ret_from_fork+0x10/0x20 Shutdown Call trace: [ 365.565417] Call trace: [ 365.565423] __switch_to+0x148/0x200 [ 365.565452] __schedule+0x340/0x9c8 [ 365.565467] schedule+0x48/0x110 [ 365.565479] schedule_timeout+0x3b0/0x448 [ 365.565496] wait_for_completion+0xac/0x138 [ 365.565509] __flush_work+0x218/0x4e0 [ 365.565523] flush_work+0x1c/0x28 [ 365.565536] wait_for_device_probe+0x68/0x158 [ 365.565550] device_shutdown+0x24/0x348 [ 365.565561] kernel_restart_prepare+0x40/0x50 [ 365.565578] kernel_restart+0x20/0x70 [ 365.565591] __do_sys_reboot+0x10c/0x220 [ 365.565605] __arm64_sys_reboot+0x2c/0x38 [ 365.565619] invoke_syscall+0x4c/0x110 [ 365.565634] el0_svc_common.constprop.3+0xfc/0x120 [ 365.565648] do_el0_svc+0x2c/0x90 [ 365.565661] el0_svc+0x4c/0xf0 [ 365.565671] el0t_64_sync_handler+0x90/0xb8 [ 365.565682] el0t_64_sync+0x180/0x184 | 5.5 |
2024-07-16 | CVE-2024-3779 | Eset | Incorrect Default Permissions vulnerability in Eset products Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met. | 5.5 |
2024-07-21 | CVE-2024-37457 | Dotcamp | Cross-site Scripting vulnerability in Dotcamp Ultimate Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks – Gutenberg Blocks Plugin allows Stored XSS.This issue affects Ultimate Blocks – Gutenberg Blocks Plugin: from n/a through 3.1.9. | 5.4 |
2024-07-21 | CVE-2024-37460 | Supersaas | Cross-site Scripting vulnerability in Supersaas Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9. | 5.4 |
2024-07-21 | CVE-2024-37465 | Aipower | Cross-site Scripting vulnerability in Aipower Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Senol Sahin GPT3 AI Content Writer allows Stored XSS.This issue affects GPT3 AI Content Writer: from n/a through 1.8.66. | 5.4 |
2024-07-21 | CVE-2024-37466 | Kraftplugins | Cross-site Scripting vulnerability in Kraftplugins Mega Elements Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2. | 5.4 |
2024-07-21 | CVE-2024-37480 | Apollo13Themes | Cross-site Scripting vulnerability in Apollo13Themes Apollo13 Framework Extensions Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.3. | 5.4 |
2024-07-21 | CVE-2024-38782 | Mapsmarker | Cross-site Scripting vulnerability in Mapsmarker Leaflet Maps Marker Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MapsMarker.Com e.U. | 5.4 |
2024-07-21 | CVE-2024-38785 | Jegstudio | Cross-site Scripting vulnerability in Jegstudio Gutenverse Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.2. | 5.4 |
2024-07-21 | CVE-2024-38786 | Burgersoftwares | Cross-site Scripting vulnerability in Burgersoftwares Cozipress Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BurgerThemes CoziPress allows Stored XSS.This issue affects CoziPress: from n/a through 1.0.30. | 5.4 |
2024-07-21 | CVE-2024-37488 | Helloasso | Cross-site Scripting vulnerability in Helloasso Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.9. | 5.4 |
2024-07-21 | CVE-2024-37489 | Oceanwp | Cross-site Scripting vulnerability in Oceanwp Ocean Extra Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS.This issue affects Ocean Extra: from n/a through 2.2.9. | 5.4 |
2024-07-21 | CVE-2024-37495 | Mediavine | Cross-site Scripting vulnerability in Mediavine Create Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7. | 5.4 |
2024-07-21 | CVE-2024-37514 | Artistscope | Cross-site Scripting vulnerability in Artistscope Copysafe web Protection Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Stored XSS.This issue affects CopySafe Web Protection: from n/a through 3.14. | 5.4 |
2024-07-21 | CVE-2024-37519 | Leap13 | Cross-site Scripting vulnerability in Leap13 Premium Blocks for Gutenburg Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress allows Stored XSS.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from n/a through 2.1.27. | 5.4 |
2024-07-21 | CVE-2024-37521 | ZWW | Cross-site Scripting vulnerability in ZWW Zbench Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in zwwooooo zBench allows Stored XSS.This issue affects zBench: from n/a through 1.4.2. | 5.4 |
2024-07-21 | CVE-2024-37523 | Amplifyplugins | Cross-site Scripting vulnerability in Amplifyplugins Login Logo Editor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AMP-MODE Login Logo Editor allows Stored XSS.This issue affects Login Logo Editor: from n/a through 1.3.3. | 5.4 |
2024-07-21 | CVE-2024-37536 | Web357 | Cross-site Scripting vulnerability in Web357 Easy Custom Code Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Web357 Easy Custom Code (LESS/CSS/JS) – Live editing allows Stored XSS.This issue affects Easy Custom Code (LESS/CSS/JS) – Live editing: from n/a through 1.0.8. | 5.4 |
2024-07-21 | CVE-2024-37537 | Uusweb | Cross-site Scripting vulnerability in Uusweb WS Contact Form Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UusWeb.Ee WS Contact Form allows Stored XSS.This issue affects WS Contact Form: from n/a through 1.3.7. | 5.4 |
2024-07-21 | CVE-2024-37538 | Bibleserver | Cross-site Scripting vulnerability in Bibleserver Link to Bible Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thomas Kuhlmann Link To Bible allows Stored XSS.This issue affects Link To Bible: from n/a through 2.5.9. | 5.4 |
2024-07-21 | CVE-2024-37545 | Celloexpressions | Cross-site Scripting vulnerability in Celloexpressions Floating Social Media Links Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nick Halsey Floating Social Media Links allows Stored XSS.This issue affects Floating Social Media Links: from n/a through 1.5.2. | 5.4 |
2024-07-21 | CVE-2024-37548 | Mekshq | Cross-site Scripting vulnerability in Mekshq Meks Easy ADS Widget Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8. | 5.4 |
2024-07-21 | CVE-2024-37551 | Perials | Cross-site Scripting vulnerability in Perials Simple Social Share Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0. | 5.4 |
2024-07-21 | CVE-2024-37552 | Inisev | Cross-site Scripting vulnerability in Inisev Social Media Share Buttons & Social Sharing Icons Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Inisev Social Media & Share Icons allows Stored XSS.This issue affects Social Media & Share Icons: from n/a through 2.9.1. | 5.4 |
2024-07-21 | CVE-2024-6942 | Thinksaas | Cross-site Scripting vulnerability in Thinksaas 3.7.0 A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. | 5.4 |
2024-07-21 | CVE-2024-6941 | Thinksaas | Cross-site Scripting vulnerability in Thinksaas 3.7.0 A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. | 5.4 |
2024-07-20 | CVE-2024-6932 | Classcms Project | Cross-site Scripting vulnerability in Classcms Project Classcms 4.5 A vulnerability was found in ClassCMS 4.5. | 5.4 |
2024-07-20 | CVE-2024-37955 | Makegutenblock | Cross-site Scripting vulnerability in Makegutenblock Gutslider Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider – All in One Block Slider allows Stored XSS.This issue affects GutSlider – All in One Block Slider: from n/a through 2.7.3. | 5.4 |
2024-07-20 | CVE-2024-37956 | Vektor INC | Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. | 5.4 |
2024-07-20 | CVE-2024-37957 | Bradmax | Cross-site Scripting vulnerability in Bradmax Player Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS.This issue affects Bradmax Player: from n/a through 1.1.27. | 5.4 |
2024-07-20 | CVE-2024-37958 | Mekshq | Cross-site Scripting vulnerability in Mekshq Meks Smart Author Widget Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4. | 5.4 |
2024-07-20 | CVE-2024-37959 | Atlaspolicy | Cross-site Scripting vulnerability in Atlaspolicy Power BI Embedded Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7. | 5.4 |
2024-07-19 | CVE-2024-5977 | Givewp | Authorization Bypass Through User-Controlled Key vulnerability in Givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.13.0 via the 'handleRequest' function due to missing validation on a user controlled key. | 5.4 |
2024-07-19 | CVE-2024-6907 | Jkev | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 5.4 |
2024-07-19 | CVE-2024-39457 | Cybozu | Cross-site Scripting vulnerability in Cybozu Garoon 6.0.0/6.0.1 Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. | 5.4 |
2024-07-18 | CVE-2023-6708 | The SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping, even when the 'Sanitize SVG while uploading' feature is enabled. | 5.4 | |
2024-07-17 | CVE-2024-39124 | Roundup Tracker | Cross-site Scripting vulnerability in Roundup-Tracker Roundup In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS. | 5.4 |
2024-07-17 | CVE-2024-39125 | Roundup Tracker | Cross-site Scripting vulnerability in Roundup-Tracker Roundup Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header. | 5.4 |
2024-07-17 | CVE-2024-39126 | Roundup Tracker | Cross-site Scripting vulnerability in Roundup-Tracker Roundup Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents. | 5.4 |
2024-07-17 | CVE-2024-28796 | IBM | Cross-site Scripting vulnerability in IBM Rational Clearquest IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. | 5.4 |
2024-07-17 | CVE-2024-39863 | Apache | Cross-site Scripting vulnerability in Apache Airflow Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. | 5.4 |
2024-07-17 | CVE-2024-5582 | Magazine3 | Cross-site Scripting vulnerability in Magazine3 Schema & Structured Data for WP & AMP The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-17 | CVE-2024-5251 | Brainstormforce | Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_pricing shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-17 | CVE-2024-5252 | Brainstormforce | Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_table shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-17 | CVE-2024-5253 | Brainstormforce | Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ult_team shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-17 | CVE-2024-5254 | Brainstormforce | Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_banner shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-17 | CVE-2024-5255 | Brainstormforce | Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_dual_color shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-16 | CVE-2024-21122 | Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (component: Text Catalog). | 5.4 | |
2024-07-16 | CVE-2024-21128 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: APIs). | 5.4 | |
2024-07-16 | CVE-2024-21132 | Oracle | Unspecified vulnerability in Oracle Purchasing Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite (component: Approvals). | 5.4 |
2024-07-16 | CVE-2024-21139 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Answers). | 5.4 | |
2024-07-16 | CVE-2024-2691 | WP Eventmanager | Cross-site Scripting vulnerability in Wp-Eventmanager WP Event Manager The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events' shortcode in all versions up to, and including, 3.1.43 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-16 | CVE-2024-3587 | Averta | Cross-site Scripting vulnerability in Averta Auxinportfolio The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Portfolios Widget in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2024-07-15 | CVE-2024-6742 | Space Management System Project | Cross-site Scripting vulnerability in Space Management System Project Space Management System AguardNet Technology's Space Management System does not properly filter user input, allowing remote attackers with regular privileges to inject JavaScript and perform Reflected Cross-site scripting attacks. | 5.4 |
2024-07-15 | CVE-2024-39735 | IBM | Cross-site Scripting vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. | 5.4 |
2024-07-15 | CVE-2024-39728 | IBM | Cross-site Scripting vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. | 5.4 |
2024-07-21 | CVE-2024-6949 | Gargaj | Path Traversal vulnerability in Gargaj Wuhu A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. | 5.3 |
2024-07-20 | CVE-2024-6489 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_google_api_key function in all versions up to, and including, 2.0.10. | 5.3 | |
2024-07-20 | CVE-2024-6560 | The Addonify – Quick View For WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.16. | 5.3 | |
2024-07-18 | CVE-2024-6455 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.0 due to a missing capability checks on ekit_widgetarea_content function. | 5.3 | |
2024-07-18 | CVE-2024-40725 | Apache | Unspecified vulnerability in Apache Http Server 2.4.60/2.4.61 A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. | 5.3 |
2024-07-18 | CVE-2024-6504 | Rapid7 | Unspecified vulnerability in Rapid7 Insightvm Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can cause it to overload or crash by sending repeated invalid REST requests in a short timeframe, to the Console's port 443 causing the console to enter an exception handling logging loop, exhausting the CPU. | 5.3 |
2024-07-17 | CVE-2024-6535 | Redhat | Improper Authentication vulnerability in Redhat Service Interconnect 1.0 A flaw was found in Skupper. | 5.3 |
2024-07-17 | CVE-2024-6595 | Gitlab | Unrestricted Upload of File with Dangerous Type vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 where it was possible to upload an NPM package with conflicting package data. | 5.3 |
2024-07-16 | CVE-2024-21143 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). | 5.3 | |
2024-07-16 | CVE-2024-21176 | Oracle | Unspecified vulnerability in Oracle Mysql Server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). | 5.3 |
2024-07-16 | CVE-2024-5816 | Github | Incorrect Authorization vulnerability in Github Enterprise Server An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. | 5.3 |
2024-07-16 | CVE-2024-6336 | Github | Unspecified vulnerability in Github Enterprise Server A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. | 5.3 |
2024-07-16 | CVE-2024-6395 | Github | Unspecified vulnerability in Github Enterprise Server An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. | 5.3 |
2024-07-16 | CVE-2024-6565 | The AForms — Form Builder for Price Calculator & Cost Estimation plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.6. | 5.3 | |
2024-07-16 | CVE-2024-6570 | The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. | 5.3 | |
2024-07-16 | CVE-2024-6557 | The SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.1.3. | 5.3 | |
2024-07-15 | CVE-2024-32945 | Mattermost | Missing Initialization of Resource vulnerability in Mattermost Mobile 1.26.0/1.29.0/1.30.0 Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared MathJax state which allows an attacker to change the contents of a LateX post, by creating another post with specific macro definitions. | 5.3 |
2024-07-15 | CVE-2024-6398 | Skyhighsecurity | Unspecified vulnerability in Skyhighsecurity Secure web Gateway An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. | 5.3 |
2024-07-15 | CVE-2024-6741 | Openfind | Unspecified vulnerability in Openfind Mail2000 7.0/8.0 Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. | 5.3 |
2024-07-15 | CVE-2024-6540 | Otrs | Unspecified vulnerability in Otrs Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing information about tickets of other customers. | 5.3 |
2024-07-15 | CVE-2024-39740 | IBM | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. | 5.3 |
2024-07-15 | CVE-2024-39741 | IBM | Path Traversal vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. | 5.3 |
2024-07-15 | CVE-2024-6738 | Wisdomgarden | Unspecified vulnerability in Wisdomgarden Tronclass The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL. | 5.3 |
2024-07-15 | CVE-2024-39737 | IBM | Information Exposure Through an Error Message vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
2024-07-21 | CVE-2024-6936 | Formtools | Code Injection vulnerability in Formtools Form Tools 3.1.1 A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. | 4.9 |
2024-07-16 | CVE-2024-20996 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21125 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). | 4.9 |
2024-07-16 | CVE-2024-21127 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). | 4.9 |
2024-07-16 | CVE-2024-21129 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). | 4.9 |
2024-07-16 | CVE-2024-21130 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2024-07-16 | CVE-2024-21135 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2024-07-16 | CVE-2024-21137 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2024-07-16 | CVE-2024-21142 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). | 4.9 |
2024-07-16 | CVE-2024-21157 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21159 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21160 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21162 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2024-07-16 | CVE-2024-21165 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). | 4.9 |
2024-07-16 | CVE-2024-21173 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21179 | Oracle | Unspecified vulnerability in Oracle Mysql Server Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-16 | CVE-2024-21185 | Oracle | Unspecified vulnerability in Oracle Mysql Server 8.0.38/8.4.1/9.0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.9 |
2024-07-21 | CVE-2024-37446 | Kibokolabs | Cross-site Scripting vulnerability in Kibokolabs Chained Quiz Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.This issue affects Chained Quiz: from n/a through 1.3.2.8. | 4.8 |
2024-07-21 | CVE-2024-37447 | Pixelyoursite | Cross-site Scripting vulnerability in Pixelyoursite Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager allows Stored XSS.This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager: from n/a through 9.6.1.1. | 4.8 |
2024-07-21 | CVE-2024-37449 | Themepunch | Cross-site Scripting vulnerability in Themepunch Slider Revolution Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.7.13. | 4.8 |
2024-07-21 | CVE-2024-38784 | Livemesh | Cross-site Scripting vulnerability in Livemesh Beaver Builder Addons Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Beaver Builder allows Stored XSS.This issue affects Livemesh Addons for Beaver Builder: from n/a through 3.6.1. | 4.8 |
2024-07-21 | CVE-2024-37522 | Dcurasi | Cross-site Scripting vulnerability in Dcurasi CC & BCC for Woocommerce Order Emails Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dario Curasì CC & BCC for Woocommerce Order Emails allows Stored XSS.This issue affects CC & BCC for Woocommerce Order Emails: from n/a through 1.4.1. | 4.8 |
2024-07-21 | CVE-2024-37549 | Pdfcrowd | Cross-site Scripting vulnerability in Pdfcrowd Save AS PDF Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.0.0. | 4.8 |
2024-07-21 | CVE-2024-37550 | Envato | Cross-site Scripting vulnerability in Envato Template KIT - Export Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Envato Template Kit – Export allows Stored XSS.This issue affects Template Kit – Export: from n/a through 1.0.22. | 4.8 |
2024-07-21 | CVE-2024-37556 | Seedprod | Cross-site Scripting vulnerability in Seedprod Wordpress Notification BAR Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10. | 4.8 |
2024-07-21 | CVE-2024-37557 | Sohamsolution | Cross-site Scripting vulnerability in Sohamsolution WP Cookie LAW Info Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Soham Web Solution WP Cookie Law Info allows Stored XSS.This issue affects WP Cookie Law Info: from n/a through 1.1. | 4.8 |
2024-07-21 | CVE-2024-37558 | Nihal | Cross-site Scripting vulnerability in Nihal Wpfavicon Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1. | 4.8 |
2024-07-21 | CVE-2024-6935 | Formtools | Cross-site Scripting vulnerability in Formtools Form Tools 3.1.1 A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. | 4.8 |
2024-07-21 | CVE-2024-6934 | Formtools | Cross-site Scripting vulnerability in Formtools Form Tools 3.1.1 A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. | 4.8 |
2024-07-17 | CVE-2024-6669 | Quantumcloud | Cross-site Scripting vulnerability in Quantumcloud AI Chatbot The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.7 due to insufficient input sanitization and output escaping. | 4.8 |
2024-07-16 | CVE-2024-21140 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). | 4.8 | |
2024-07-16 | CVE-2024-21145 | Oracle Netapp | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). | 4.8 |
2024-07-16 | CVE-2024-21148 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). | 4.8 |
2024-07-17 | CVE-2023-52291 | Apache | Command Injection vulnerability in Apache Streampark In streampark, the project module integrates Maven's compilation capabilities. | 4.7 |
2024-07-17 | CVE-2024-29737 | Apache | Command Injection vulnerability in Apache Streampark In streampark, the project module integrates Maven's compilation capabilities. | 4.7 |
2024-07-16 | CVE-2024-21155 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: User Interface). | 4.7 | |
2024-07-16 | CVE-2022-48842 | Linux | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ice: Fix race condition during interface enslave Commit 5dbbbd01cbba83 ("ice: Avoid RTNL lock when re-creating auxiliary device") changes a process of re-creation of aux device so ice_plug_aux_dev() is called from ice_service_task() context. This unfortunately opens a race window that can result in dead-lock when interface has left LAG and immediately enters LAG again. Reproducer: ``` #!/bin/sh ip link add lag0 type bond mode 1 miimon 100 ip link set lag0 for n in {1..10}; do echo Cycle: $n ip link set ens7f0 master lag0 sleep 1 ip link set ens7f0 nomaster done ``` This results in: [20976.208697] Workqueue: ice ice_service_task [ice] [20976.213422] Call Trace: [20976.215871] __schedule+0x2d1/0x830 [20976.219364] schedule+0x35/0xa0 [20976.222510] schedule_preempt_disabled+0xa/0x10 [20976.227043] __mutex_lock.isra.7+0x310/0x420 [20976.235071] enum_all_gids_of_dev_cb+0x1c/0x100 [ib_core] [20976.251215] ib_enum_roce_netdev+0xa4/0xe0 [ib_core] [20976.256192] ib_cache_setup_one+0x33/0xa0 [ib_core] [20976.261079] ib_register_device+0x40d/0x580 [ib_core] [20976.266139] irdma_ib_register_device+0x129/0x250 [irdma] [20976.281409] irdma_probe+0x2c1/0x360 [irdma] [20976.285691] auxiliary_bus_probe+0x45/0x70 [20976.289790] really_probe+0x1f2/0x480 [20976.298509] driver_probe_device+0x49/0xc0 [20976.302609] bus_for_each_drv+0x79/0xc0 [20976.306448] __device_attach+0xdc/0x160 [20976.310286] bus_probe_device+0x9d/0xb0 [20976.314128] device_add+0x43c/0x890 [20976.321287] __auxiliary_device_add+0x43/0x60 [20976.325644] ice_plug_aux_dev+0xb2/0x100 [ice] [20976.330109] ice_service_task+0xd0c/0xed0 [ice] [20976.342591] process_one_work+0x1a7/0x360 [20976.350536] worker_thread+0x30/0x390 [20976.358128] kthread+0x10a/0x120 [20976.365547] ret_from_fork+0x1f/0x40 ... [20976.438030] task:ip state:D stack: 0 pid:213658 ppid:213627 flags:0x00004084 [20976.446469] Call Trace: [20976.448921] __schedule+0x2d1/0x830 [20976.452414] schedule+0x35/0xa0 [20976.455559] schedule_preempt_disabled+0xa/0x10 [20976.460090] __mutex_lock.isra.7+0x310/0x420 [20976.464364] device_del+0x36/0x3c0 [20976.467772] ice_unplug_aux_dev+0x1a/0x40 [ice] [20976.472313] ice_lag_event_handler+0x2a2/0x520 [ice] [20976.477288] notifier_call_chain+0x47/0x70 [20976.481386] __netdev_upper_dev_link+0x18b/0x280 [20976.489845] bond_enslave+0xe05/0x1790 [bonding] [20976.494475] do_setlink+0x336/0xf50 [20976.502517] __rtnl_newlink+0x529/0x8b0 [20976.543441] rtnl_newlink+0x43/0x60 [20976.546934] rtnetlink_rcv_msg+0x2b1/0x360 [20976.559238] netlink_rcv_skb+0x4c/0x120 [20976.563079] netlink_unicast+0x196/0x230 [20976.567005] netlink_sendmsg+0x204/0x3d0 [20976.570930] sock_sendmsg+0x4c/0x50 [20976.574423] ____sys_sendmsg+0x1eb/0x250 [20976.586807] ___sys_sendmsg+0x7c/0xc0 [20976.606353] __sys_sendmsg+0x57/0xa0 [20976.609930] do_syscall_64+0x5b/0x1a0 [20976.613598] entry_SYSCALL_64_after_hwframe+0x65/0xca 1. | 4.7 |
2024-07-20 | CVE-2024-6491 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimp_api_key_manage function in all versions up to, and including, 2.0.10. | 4.3 | |
2024-07-20 | CVE-2024-5804 | The Conditional Fields for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.13. | 4.3 | |
2024-07-19 | CVE-2024-6799 | Yithemes | Missing Authorization vulnerability in Yithemes Yith Essential KIT for Woocommerce The YITH Essential Kit for WooCommerce #1 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'activate_module', 'deactivate_module', and 'install_module' functions in all versions up to, and including, 2.34.0. | 4.3 |
2024-07-18 | CVE-2024-5997 | The Duplica – Duplicate Posts, Pages, Custom Posts or Users plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the duplicate_user and duplicate_post functions in all versions up to, and including, 0.6. | 4.3 | |
2024-07-18 | CVE-2024-6599 | The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajax_save_settings function in all versions up to, and including, 1.0.11. | 4.3 | |
2024-07-17 | CVE-2024-31979 | Apache | Server-Side Request Forgery (SSRF) vulnerability in Apache Streampipes Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installation process of pipeline elements. Previously, StreamPipes allowed users to configure custom endpoints from which to install additional pipeline elements. | 4.3 |
2024-07-17 | CVE-2024-5703 | Icegram | Missing Authorization vulnerability in Icegram Email Subscribers & Newsletters The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized API access due to a missing capability check in all versions up to, and including, 5.7.26. | 4.3 |
2024-07-17 | CVE-2024-6033 | Themewinter | Missing Authorization vulnerability in Themewinter Eventin The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'import_file' function in all versions up to, and including, 4.0.4. | 4.3 |
2024-07-16 | CVE-2024-21134 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). | 4.3 |
2024-07-16 | CVE-2024-21154 | Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Human Resources). | 4.3 | |
2024-07-16 | CVE-2024-6621 | Rebelcode | Unspecified vulnerability in Rebelcode RSS Aggregator The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wprss_activate_feed_source' and 'wprss_pause_feed_source' functions in all versions up to, and including, 4.23.11. | 4.3 |
2024-07-16 | CVE-2024-6579 | The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all versions up to, and including, 1.4.5. | 4.3 | |
2024-07-16 | CVE-2024-5852 | Iptanus | Path Traversal vulnerability in Iptanus Wordpress File Upload The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.24.7 via the 'uploadpath' parameter of the wordpress_file_upload shortcode. | 4.3 |
2024-07-15 | CVE-2024-39729 | IBM | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. | 4.3 |
2024-07-15 | CVE-2024-39739 | IBM | Server-Side Request Forgery (SSRF) vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). | 4.3 |
2024-07-17 | CVE-2024-6807 | Oretnom23 | Cross-site Scripting vulnerability in Oretnom23 Student Study Center Desk Management System 1.0 A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. | 4.1 |
2024-07-16 | CVE-2024-21180 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60/8.61 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). | 4.1 |
13 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2024-07-17 | CVE-2023-42010 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. | 3.7 |
2024-07-17 | CVE-2024-30471 | Apache | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Streampipes Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in user self-registration. This allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and corrupting StreamPipe's user management. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue. | 3.7 |
2024-07-16 | CVE-2024-21131 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). | 3.7 | |
2024-07-16 | CVE-2024-21138 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). | 3.7 | |
2024-07-16 | CVE-2024-21144 | Oracle Netapp | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). | 3.7 |
2024-07-16 | CVE-2024-21151 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). | 3.3 | |
2024-07-16 | CVE-2022-48852 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. | 3.3 |
2024-07-15 | CVE-2024-41007 | Linux | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1000), for about 4 minutes after TCP_USER_TIMEOUT has 'expired'. The fix is to make sure tcp_rtx_probe0_timed_out() takes icsk->icsk_user_timeout into account. Before blamed commit, the socket would not timeout after icsk->icsk_user_timeout, but would use standard exponential backoff for the retransmits. Also worth noting that before commit e89688e3e978 ("net: tcp: fix unexcepted socket die when snd_wnd is 0"), the issue would last 2 minutes instead of 4. | 3.3 |
2024-07-16 | CVE-2024-21174 | Vulnerability in the Java VM component of Oracle Database Server. | 3.1 | |
2024-07-21 | CVE-2024-6937 | Formtools | Unspecified vulnerability in Formtools Form Tools 3.1.1 A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. | 2.7 |
2024-07-20 | CVE-2024-6694 | The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 4.0.1. | 2.7 | |
2024-07-16 | CVE-2024-21164 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 2.5 |
2024-07-16 | CVE-2024-21123 | Vulnerability in the Oracle Database Core component of Oracle Database Server. | 2.3 |