Latest CVE Feed
-
5.5
CVSS31CVE-2024-47744
In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock Use a dedicated mutex to guard kvm_usage_count to fix a potential deadlock on x86 due to a chain of locks and SRCU ... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
4.8
CVSS31CVE-2024-10199
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /manage_medicine.php of the component Manage Medicines Page. The manipulation of ... Read more
Affected Products : pharmacy_management- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
4.8
CVSS31CVE-2024-10198
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer.php of the component Manage Customer Page. The manipula... Read more
Affected Products : pharmacy_management- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
9.6
CVSS31CVE-2024-8980
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, 7.2 GA through fix pack 20, 7.1 GA through fix pack 28, 7.0 GA through fix pack 102 and 6.2 GA t... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
5.9
CVSS31CVE-2024-43177
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
3.7
CVSS31CVE-2024-43173
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
9.0
CVSS31CVE-2024-38002
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92 and 7.3 GA through update 36 does not properly check user permissions before updating a wo... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
8.8
CVSS31CVE-2024-26273
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4.0 through 7.4.3.103, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92 and 7.3 update 29 through update 35 al... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
8.8
CVSS31CVE-2024-26272
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92 and 7.3 GA through update 35 allows re... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
8.8
CVSS31CVE-2024-26271
Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 update 75 through update 92 and 7.3 update 32 through upda... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47684
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47681
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 drive... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.5
CVSS31CVE-2024-47677
In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_u... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
8.8
CVSS31CVE-2024-41714
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insuf... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
7.5
CVSS31CVE-2024-41713
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
5.3
CVSS31CVE-2024-40088
A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any ... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
9.8
CVSS31CVE-2024-35314
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sani... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
6.7
CVSS31CVE-2024-35287
A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource wi... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
9.8
CVSS31CVE-2024-35286
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensi... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
9.8
CVSS31CVE-2024-35285
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024