3.5
CVE-2024-3525 - Campcodes Online Event Management System index.php cross site scripting
A vulnerability, which was classified as problematic, was found in Campcodes Online Event Management System 1.0. Affected is an unknown function of the file /views/index.php. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploiβ¦
3.1
CVE-2024-28344 -
An Open Redirect vulnerability was found in Sipwise C5 NGCP Dashboard below mr11.5.1. The Open Redirect vulnerability allows attackers to control the "back" parameter in the URL through a double encoded URL.
5.5
CVE-2021-47199 - net/mlx5e: CT, Fix multiple allocations and memleak of mod acts
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts CT clear action offload adds additional mod hdr actions to the flow's original mod actions in order to clear the registers which hold ct_state. When such flow also iβ¦
5.5
CVE-2024-26815 - net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENTRY_INDEX]); if (tcβ¦
5.5
CVE-2021-47209 - sched/fair: Prevent dead task groups from regaining cfs_rq's
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Prevent dead task groups from regaining cfs_rq's Kevin is reporting crashes which point to a use-after-free of a cfs_rq in update_blocked_averages(). Initial debugging revealed that we've live cfs_rq's (on_list=1) in β¦
5.5
CVE-2021-47201 - iavf: free q_vectors before queues in iavf_disable_vf
In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf iavf_free_queues() clears adapter->num_active_queues, which iavf_free_q_vectors() relies on, so swap the order of these two function calls in iavf_disable_vf(). This resolves β¦
5.5
CVE-2021-47181 - usb: musb: tusb6010: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
5.5
CVE-2021-47187 - arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CPβ¦
7.3
CVE-2024-3624 - Mirror-registry: database user and password stored in plain-text
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.
4.4
CVE-2021-47196 - RDMA/core: Set send and receive CQ before forwarding to the driver
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite it later again till the mlx4 is going to be changed do not overwrite ibqp propβ¦