Skip to main content
CVE-2024-27104 MEDIUM PATCH This Month

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Glpi
NVD GitHub
CVSS 3.1
4.8
EPSS
0.7%
CVE-2024-26631 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26638 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msghdr. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Google Linux Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy