Latest CVE Feed
-
9.8
CRITICALCVE-2024-8331
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to in... Read more
Affected Products : rapidcms- Published: Aug. 30, 2024
- Modified: Sep. 03, 2024
-
9.8
CRITICALCVE-2024-8332
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. The attack can b... Read more
Affected Products : sweet-cms- Published: Aug. 30, 2024
- Modified: Sep. 03, 2024
-
5.3
MEDIUMCVE-2024-8370
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument force_serve_as with the inp... Read more
Affected Products :- Published: Sep. 01, 2024
- Modified: Sep. 03, 2024
-
5.5
MEDIUMCVE-2024-43861
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.... Read more
Affected Products : linux_kernel- Published: Aug. 20, 2024
- Modified: Sep. 03, 2024
-
5.5
MEDIUMCVE-2024-43862
In the Linux kernel, the following vulnerability has been resolved: net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex The carrier_lock spinlock protects the carrier detection. While it is held, framer_get_status() is called which in turn ... Read more
Affected Products : linux_kernel- Published: Aug. 21, 2024
- Modified: Sep. 03, 2024
-
5.5
MEDIUMCVE-2024-43871
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), f... Read more
Affected Products : linux_kernel- Published: Aug. 21, 2024
- Modified: Sep. 03, 2024
-
5.5
MEDIUMCVE-2024-43872
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lock... Read more
Affected Products : linux_kernel- Published: Aug. 21, 2024
- Modified: Sep. 03, 2024
-
7.8
HIGHCVE-2024-43873
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never s... Read more
Affected Products : linux_kernel- Published: Aug. 21, 2024
- Modified: Sep. 03, 2024
-
5.5
MEDIUMCVE-2024-43874
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if th... Read more
Affected Products : linux_kernel- Published: Aug. 21, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-33035
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +74 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-23365
Memory corruption while releasing shared resources in MinkSocket listener thread.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware qca6574_firmware qca6574a_firmware sa8540p_firmware sa9000p_firmware +17 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-5148
A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a ... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
6.8
MEDIUMCVE-2024-33016
memory corruption when an invalid firehose patch command is invoked.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +287 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
5.1
MEDIUMCVE-2024-8367
A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to c1afe0cdb2b2766d9e24872c4e827f8b82a6cd31. It has been classified as problematic. Affected is an unknown function of the file src/main/java/uk/gov/hmcts/probate/service/No... Read more
Affected Products :- Published: Sep. 01, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23358
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.... Read more
Affected Products : wcn3980_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware qca6698aq_firmware qca8081_firmware qca8337_firmware +42 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.1
HIGHCVE-2024-23362
Cryptographic issue while parsing RSA keys in COBR format.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +195 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23364
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +156 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
2.5
LOWCVE-2024-45305
gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's config... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.2
HIGHCVE-2024-23359
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd855_firmware +126 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
6.5
MEDIUMCVE-2024-45308
HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be acces... Read more
Affected Products : hedgedoc- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024