Lucene search
K

6043 matches found

RedHat Linux
RedHat Linux
added 2024/07/31 12:54 a.m.5 views

kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

5.5CVSS6.8AI score0.00251EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2024/07/31 12:0 a.m.454 views

Aero CMS 0.0.1 Cross Site Request Forgery

============================================================================================================================================= | Title : Aero CMS v0.0.1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | | Vendor...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2024/07/30 7:46 a.m.16 views

CVE-2024-42142

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses it. It is independe...

5.5CVSS5.2AI score0.00225EPSS
Exploits0
OSV
OSV
added 2024/07/29 5:15 p.m.2 views

DEBIAN-CVE-2024-42090

In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in createpinctrl when handling -EPROBEDEFER In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree...

5.5CVSS5.5AI score0.00189EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/27 12:0 a.m.4 views

PT-2024-37725

Name of the Vulnerable Software and Affected Versions Campaign Monitor for WordPress plugin for WordPress versions up to, and including, 2.8.15 Description The issue is due to the plugin not properly restricting direct access to "/forms/views/admin/create.php" and display errors being enabled. Th...

5.3CVSS5.2AI score0.00849EPSS
Exploits0References7
OSV
OSV
added 2024/07/21 8:15 a.m.4 views

CVE-2024-37495

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7...

5.4CVSS5.8AI score0.00279EPSS
Exploits0References1
NVD
NVD
added 2024/07/21 8:15 a.m.38 views

CVE-2024-37495

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through = 1.9.7...

6.5CVSS0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/21 7:26 a.m.43 views

CVE-2024-37495 WordPress Create by Mediavine plugin <= 1.9.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through = 1.9.7...

6.5CVSS0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/21 7:26 a.m.14 views

CVE-2024-37495 WordPress Create by Mediavine plugin <= 1.9.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7...

6.5CVSS6.8AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2024/07/21 7:26 a.m.63 views

CVE-2024-37495

CVE-2024-37495 is a Stored XSS in Mediavine Create for WordPress, caused by improper neutralization of input during web page generation. Affected: Create by Mediavine versions n/a through 1.9.7. The vulnerability is documented as a cross-site scripting issue that stores user input and could affec...

6.5CVSS5.9AI score0.00279EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/21 12:0 a.m.5 views

PT-2024-27602 · Mediavine · Create By Mediavine

Name of the Vulnerable Software and Affected Versions: Create by Mediavine versions 1.9.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

6.5CVSS5.6AI score0.00279EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/20 12:0 a.m.5 views

PT-2024-27852 · Caxton · Caxton

Name of the Vulnerable Software and Affected Versions: Caxton – Create Pro page layouts in Gutenberg versions 1.30.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS,...

6.5CVSS6AI score0.00253EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/07/17 4:19 a.m.4 views

SUSE CVE-2022-48773

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdmaepcreate If there are failures then we must not leave the non-NULL pointers with the error value, otherwise rpcrdmaepdestroy gets confused and tries free them, resulting in an...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References9
NVD
NVD
added 2024/07/16 11:15 p.m.40 views

CVE-2024-21174

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to...

3.1CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 2024/07/16 1:15 p.m.16 views

CVE-2024-6435

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. Fo...

8.8CVSS0.00488EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 1:15 p.m.3 views

CVE-2024-6435

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. Fo...

8.8CVSS5.8AI score0.00488EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 1:0 p.m.31 views

CVE-2024-6435 Rockwell Automation Privilege Escalation Vulnerability in Pavilion8®

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. Fo...

8.7CVSS0.00488EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 12:15 p.m.2 views

DEBIAN-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

5.5CVSS5.6AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2024/07/16 12:15 p.m.25 views

CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

5.5CVSS0.00254EPSS
Exploits0References7
OSV
OSV
added 2024/07/16 12:15 p.m.1 views

UBUNTU-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

5.5CVSS6.6AI score0.00254EPSS
Exploits0References7
Rows per page
Query Builder