Skip to main content
CVE-2024-53046 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-53045 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapm_widget_list_create The widgets array in the snd_soc_dapm_widget_list has a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-53044 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-53043 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50304 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50303 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walk_system_ram_res_rev must retain resource flags walk_system_ram_res_rev() erroneously discards resource flags. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-11098 MEDIUM This Month

The SVG Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.24 due to insufficient input sanitization and. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-50300 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: regulator: rtq2208: Fix uninitialized use of regulator_config Fix rtq2208 driver uninitialized use to cause kernel error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50296 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-50295 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dma_map_single/dma_unmap_single The ndev->dev and pdev->dev aren't the same device, use. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50292 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50291 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: add missing buffer index check dvb_vb2_expbuf() didn't check if the given buffer index was for a valid buffer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50290 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-50289 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn:. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50288 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using > 32 buffers The maximum number of buffers that can be requested was increased to 64. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50287 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpg_precalculate_line() blindly. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-50285 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-50284 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing xa_store error check xa_store() can fail, it return xa_err(-EINVAL) if the entry cannot be stored in an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50281 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait for. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50273 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: reinitialize delayed ref list after deleting it from the list At insert_delayed_ref() if we need to update the action of an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-50272 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50271 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts"). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Java Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50270 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid overflow in damon_feed_loop_next_input() damon_feed_loop_next_input() is inefficient and fragile to overflows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50266 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Lenovo Mozilla Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-50265 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Syzkaller is able to provoke null-ptr-dereference in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-51817 MEDIUM This Month

Missing Authorization vulnerability in CodeZel Combo WP Rewrite Slugs combo-wp-rewrite-slugs allows Exploiting Incorrectly Configured Access Control Security Levels.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-49689 MEDIUM This Month

Missing Authorization vulnerability in Harmonic Design HD Quiz - Save Results Light hd-quiz-save-results-light allows Exploiting Incorrectly Configured Access Control Security Levels.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-10268 MEDIUM PATCH This Month

The MP3 Audio Player - Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sonaar_audioplayer shortcode in all versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Mp3 Audio Player For Music Radio Podcast
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-52395 MEDIUM This Month

Missing Authorization vulnerability in QuantumCloud Floating Buttons for WooCommerce shop-assistant-for-woocommerce-jarvis allows Exploiting Incorrectly Configured Access Control Security Levels.8.8. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-52600 MEDIUM PATCH This Month

Statmatic is a Laravel and Git powered content management system (CMS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-53088 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Intel Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-52582 MEDIUM This Month

Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-50297 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts Enqueue packets in dql after dma engine starts causes race. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-50294 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. Rated medium severity (CVSS 4.7).

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-50277 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blk_alloc_disk fails If blk_alloc_disk fails, the variable md->disk is set to an error value. Rated medium severity (CVSS 4.7). This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-53052 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bump. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-50417 MEDIUM This Month

Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.1.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-52420 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-43338 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Automattic Crowdsignal Dashboard - Polls, Surveys & more polldaddy allows Cross Site Request Forgery.1.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-51669 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Kalmang Dynamic Widgets dynamic-widgets.6.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-51660 MEDIUM This Month

Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.2.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-49697 MEDIUM This Month

Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.2.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-49680 MEDIUM This Month

Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.5.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-51686 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Manage User Columns manage-user-columns allows Cross Site Request Forgery.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-51671 LOW Monitor

Missing Authorization vulnerability in Themeisle Otter - Gutenberg Block otter-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.0.3. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
2.7
EPSS
0.2%
Prev Page 7 of 7

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy