Latest CVE Feed
-
8.5
HIGHCVE-2024-43207
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Valiano Unite Gallery Lite.This issue affects Unite Gallery Lite: from n/a through 1.7.62.... Read more
Affected Products : unite_gallery_lite- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
5.1
MEDIUMCVE-2024-7887
A vulnerability was found in LimeSurvey 6.3.0-231016 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php of the component File Upload. The manipulation of the argument size leads to denial of service.... Read more
Affected Products : limesurvey- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42274
In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e ("ALSA: firewire-lib: operate for period elapse event in process context") removed th... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
5.4
MEDIUMCVE-2024-25582
Module savepoints could be abused to inject references to malicious code delivered through the same domain. Attackers could perform malicious API requests or extract information from the users account. Exploiting this vulnerability requires temporary acce... Read more
- Published: Aug. 19, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42321
In the Linux kernel, the following vulnerability has been resolved: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-43263
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Visual Composer Visual Composer Starter allows Stored XSS.This issue affects Visual Composer Starter: from n/a through 3.3.... Read more
Affected Products :- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42261
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will no... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42304
In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
5.3
MEDIUMCVE-2024-43350
Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.... Read more
Affected Products :- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-43305
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code Amp Custom Layouts – Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts – Post + Product grids made easy: fro... Read more
Affected Products :- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
7.1
HIGHCVE-2024-43348
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9.... Read more
Affected Products :- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-43320
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Pa... Read more
Affected Products : wpbakery_page_builder_addons- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-43349
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.... Read more
Affected Products : all_bootstrap_blocks- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
7.1
HIGHCVE-2024-43241
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azzaroco Ultimate Membership Pro allows Reflected XSS.This issue affects Ultimate Membership Pro: from n/a through 12.6.... Read more
Affected Products : ultimate_membership_pro- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42260
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will ... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42305
In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for addr... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42296
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_convert_inline_inode() If device is readonly, make f2fs_convert_inline_inode() return EROFS instead of zero, otherwise it may trigger panic during writeba... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-43820
In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
0.0
NACVE-2024-42303
In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error.... Read more
Affected Products : linux_kernel- Published: Aug. 17, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-43262
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8.... Read more
Affected Products :- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024