Lucene search

6038 matches found

Cvelist
added 2024/09/20 12:0 a.m. · 13 views

CVE-2024-46654

A stored cross-site scripting (XSS) vulnerability in the Add Scheduled Task module of Maccms10 v2024.1000.4040 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

0.00235 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/09/20 12:0 a.m. · 16 views

CVE-2024-46654

A stored cross-site scripting (XSS) vulnerability in the Add Scheduled Task module of Maccms10 v2024.1000.4040 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.6 AI score · 0.00235 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/09/20 12:0 a.m. · 6 views

PT-2024-32096 · Maccms10 · Maccms10

Name of the Vulnerable Software and Affected Versions: Maccms10 version 2024.1000.4040 Description: A stored cross-site scripting (XSS) vulnerability in the Add Scheduled Task module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For Maccms10 versi...

4.8 CVSS · 5.3 AI score · 0.00235 EPSS
Exploits 1 · References 7
Positive Technologies
added 2024/09/20 12:0 a.m. · 5 views

PT-2024-39375 · Unknown · Crmgo Saas

Name of the Vulnerable Software and Affected Versions: CodeCanyon CRMGo SaaS versions up to 7.2 Description: A problematic issue has been found in the software, affecting some unknown processing of the file "/project/task/task id/show". The manipulation of the comment argument leads to cross-site...

5.4 CVSS · 4.2 AI score · 0.0033 EPSS
Exploits 0 · References 8
CNNVD
added 2024/09/20 12:0 a.m. · 4 views

WorkDo CRMGo cross-site scripting vulnerability

WorkDo CRMGo is a project, accounting, lead, transaction, and human resource management tool from WorkDo, Inc. A cross-site scripting vulnerability exists in WorkDo CRMGo version 7.2 and prior versions, which stems from the comment parameter in the /project/task/taskid/show file containing a...

5.4 CVSS · 4.5 AI score · 0.0033 EPSS
Exploits 0 · References 5
RedHat Linux
added 2024/09/18 4:7 p.m. · 2 views

pulpcore: RBAC permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user...

8.3 CVSS · 6.8 AI score · 0.0061 EPSS
Exploits 0 · References 6
OSV
added 2024/09/18 12:52 p.m. · 21 views

SUSE-SU-2024:3304-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) The following non-security bugs were fixed: - powerpc: Remove support for PowerPC 601 Remove...

7.8 CVSS · 7.7 AI score · 0.00244 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/09/18 12:24 a.m. · 6 views

kernel: sched/deadline: Fix task_struct reference leak

A vulnerability was found in the Linux kernel's deadline scheduler in the enqueue_task_dl function, where the reference count is improperly decremented in certain situations, potentially causing a memory leak. This issue can lead to memory exhaustion over time...

5.5 CVSS · 7.2 AI score · 0.00272 EPSS
Exploits 0 · References 5
RedHat Linux
added 2024/09/18 12:9 a.m. · 6 views

kernel: sched/deadline: Fix task_struct reference leak

A vulnerability was found in the Linux kernel's deadline scheduler in the enqueue_task_dl function, where the reference count is improperly decremented in certain situations, potentially causing a memory leak. This issue can lead to memory exhaustion over time...

5.5 CVSS · 7.2 AI score · 0.00272 EPSS
Exploits 0 · References 5
Vulnrichment
added 2024/09/11 3:13 p.m. · 12 views

CVE-2024-45017 net/mlx5: Fix IPsec RoCE MPV trace call

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not allowing IPsec creation over a slave, if master device doesn't support IPsec. WARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240...

6.9 AI score · 0.00183 EPSS
Exploits 0 · References 2
Microsoft KB
added 2024/09/10 7:0 a.m. · 162 views

September 10, 2024—KB5043080 (OS Build 26100.1742)

September 10, 2024—KB5043080 (OS Build 26100.1742) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboard...

9.8 CVSS · 7.5 AI score · 0.51883 EPSS
Exploits 3
Debian CVE
added 2024/09/04 7:54 p.m. · 12 views

CVE-2024-44991

In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of tcp_sk_exit_batch It's possible that two threads call tcp_sk_exit_batch concurrently, once from the cleanup_net workqueue, once from a task that failed to clone a new netns. In the latter case, error...

5.5 CVSS · 5.8 AI score · 0.00245 EPSS
Exploits 0
Cvelist
added 2024/09/04 7:54 p.m. · 22 views

CVE-2024-44989 bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference We shouldn't set real_dev to NULL because packets can be in transit and xfrm might call xdo_dev_offload_ok in parallel. All callbacks assume real_dev is set. Example trace: kernel: BU...

0.00239 EPSS
Exploits 0 · References 6
Positive Technologies
added 2024/09/04 12:0 a.m. · 4 views

PT-2024-31419 · Ibm · Webmethods Integration

Name of the Vulnerable Software and Affected Versions: IBM webMethods Integration version 10.15 Description: The issue allows an authenticated user to create scheduler tasks, enabling them to escalate their privileges to administrator due to missing authentication. This can lead to unauthorized...

8.8 CVSS · 7.2 AI score · 0.00445 EPSS
Exploits 0 · References 13
CNNVD
added 2024/09/04 12:0 a.m. · 3 views

IBM webMethods Integration security vulnerability

IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines (IBM). An elevation of privilege vulnerability exists in IBM webMethods Integration version 10.15, which can be exploited by an authenticated attacker to create scheduler tasks that elevate their privileges...

8.8 CVSS · 6.8 AI score · 0.00445 EPSS
Exploits 0 · References 2
CNNVD
added 2024/09/02 12:0 a.m. · 3 views

OpenHarmony security vulnerability

OpenHarmony is an open source Hongmeng operating system project of China's OpenAtom Foundation. A security vulnerability exists in OpenHarmony version v4.0.0 and prior versions, which stems from a background task management privilege bypass vulnerability...

5.5 CVSS · 6.8 AI score · 0.00151 EPSS
Exploits 0 · References 2
The Hacker News
added 2024/08/30 6:17 a.m. · 18 views

New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads

Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. "The attackers managed to move laterally, establish persistence and remain undetected within the systems...

8.4 AI score
Exploits 0
UbuntuCve
added 2024/08/26 12:15 p.m. · 17 views

CVE-2024-44941

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to cover read extent cache access with lock syzbot reports a f2fs bug as below: BUG: KASAN: slab-use-after-free in sanity_check_extent_cache+0x370/0x410 fs/f2fs/extent_cache.c:46 Read of size 4 at addr ffff8880739ab220 by...

7.8 CVSS · 6.6 AI score · 0.00213 EPSS
Exploits 0 · References 10
NVD
added 2024/08/25 2:15 a.m. · 51 views

CVE-2024-8140

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file update-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack may be launched remotely. The...

5.4 CVSS · 0.00371 EPSS
Exploits 1 · References 5
OSV
added 2024/08/25 2:15 a.m. · 4 views

CVE-2024-8140

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file update-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack may be launched remotely. The...

5.4 CVSS · 3.8 AI score · 0.00371 EPSS
Exploits 1 · References 5