684 matches found
CVE-2024-11494

creation_timestamp | type | source
---|---|---
2024-11-20 09:40:58+00:00 | seen | https://infosec.exchange/users/cve/statuses/113514621049816861
2024-11-20 09:44:39+00:00 | seen | https://infosec.exchange/users/cve/statuses/113514635529972519
2024-11-20 12:03:58+00:00 | seen | https://t.me/cvedetector/115...

CVE-2024-53078
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs IS_ERR check in probe. The iommu_paging_domain_alloc function doesn't return NULL pointers, it returns error pointers. Update the check to match...
CVE-2024-42387

creation_timestamp | type | source
---|---|---
2024-11-18 09:46:46+00:00 | seen | https://infosec.exchange/users/cve/statuses/113503319177654437
2024-11-18 12:22:02+00:00 | seen | https://t.me/cvedetector/11313
2025-09-25 00:36:29+00:00 | seen | MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2024-50654
lilishop =4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency...
CVE-2024-49051

creation_timestamp | type | source
---|---|---
2024-11-12 18:26:35+00:00 | seen | https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review
2024-11-12 19:44:08+00:00 | seen | https://t.me/cvedetector/10677
2024-11-12 23:11:11+00:00 | seen | ...

Photon OS 5.0: Docker PHSA-2024-5.0-0397
An update of the docker package has been released. %NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0397. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
CVE-2024-43436
A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators...
CVE-2024-49407

creation_timestamp | type | source
---|---|---
2024-11-06 03:32:52+00:00 | seen | https://infosec.exchange/users/cve/statuses/113433901291247166
2024-11-06 04:57:38+00:00 | seen | https://t.me/cvedetector/9976...

CVE-2024-50003
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor. [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during the resume procedure an...
AZL-51360 CVE-2024-49883 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_insert_extent. As Ojaswin mentioned in Link, in ext4_ext_insert_extent, if the path is reallocated in ext4_ext_create_new_leaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...
CVE-2024-7755

creation_timestamp | type | source
---|---|---
2024-10-17 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-04
2024-10-17 21:40:11+00:00 | seen | https://t.me/cvedetector/8224...

CVE-2024-8530

creation_timestamp | type | source
---|---|---
2024-10-11 17:01:23+00:00 | seen | https://t.me/cvedetector/7680
2024-10-15 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-24-289-02
2024-10-17 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-24-1416/...

CVE-2024-45397
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by...
CVE-2024-38265

creation_timestamp | type | source
---|---|---
2024-10-08 17:54:47+00:00 | seen | https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review...

CVE-Reference
C...
360shitu (=0.1.0), 3d-crystal-model (=0.1.0) +8419 more potentially affected by CVE-2024-45296 via path-to-regexp (>=2.0.0 <=3.2.0)
path-to-regexp NPM version =2.0.0, =0.24.0, =1.0.0, =1.0.6, =0.0.0-canary.1, =0.0.1, =6.1.5, =1.1.17, =1.2.151 - @21epub/pro-layout =6.10.9 and more Source cves: CVE-2024-45296 Source advisory: OSV:GHSA-9WV6-86V2-598J...
amlr (>=0.3.6 <=0.4.1), arsa-ml (>=0.1.0 <=0.1.13) +29 more potentially affected by CVE-2024-45758 via h2o (>=3.18.0.8 <=3.46.0.7)
h2o PYPI version =3.18.0.8, =0.3.6, =0.1.0, =0.0.92, =1.0.81, =2019.9.10.14.39.5, =1.0.1, =0.1.20, =0.1.0, =0.1.2, =0.3.2, =0.3.0, =1.0.1.1.4, =0.4.0.dev3, =0.1.0, =3.0.1, =5.4.1 and more Source cves: CVE-2024-45758 Source advisory: OSV:GHSA-HRMC-JMP7-MPM2...
CVE-2024-8139
A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file searchlist.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit h...
CVE-2024-41957

creation_timestamp | type | source
---|---|---
2024-08-02 00:37:56+00:00 | seen | https://t.me/cvedetector/2289
2025-07-09 21:28:20+00:00 | seen | https://gist.github.com/jamincollins/eeeaa5b5a021f181d02cd557edf76515...

CVE-2024-6531
Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded...