6.1

CVSS3.1

CVE-2023-44040 -

In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting (XSS) vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 24, 2025, 2:53 p.m.

9.8

CVSS3.1

CVE-2024-28515 -

Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2024-26766 - IB/hfi1: Fix sdma.h tx->num_descs off-by-one error

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `sendmsg` system cal…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 12:54 p.m.

5.3

CVSS3.1

CVE-2024-26731 - bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 [...] RIP: 0010:…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 12:54 p.m.

5.4

CVSS3.1

CVE-2024-28836 -

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server i…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: June 27, 2025, 5:46 p.m.

5.3

CVSS3.1

CVE-2024-30570 -

An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 4, 2025, 4:32 p.m.

7.1

CVSS3.1

CVE-2023-52640 - fs/ntfs3: Fix oob in ntfs_listxattr

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 7:40 a.m.

7.8

CVSS3.1

CVE-2023-52637 - can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)

In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Lock jsk->sk to prevent UAF when setsockopt(..., SO_J1939_FILTER, ...) modifies jsk->filters while receiving packets. Following trace was seen on af…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 7:40 a.m.

4.4

CVSS3.1

CVE-2024-26769 - nvmet-fc: avoid deadlock on delete association path

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work into its own work ite…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: Dec. 20, 2025, 8:51 a.m.

9.8

CVSS3.1

CVE-2024-30998 -

SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 8, 2025, 3:43 p.m.
Total resulsts: 349182
Page 10464 of 34,919
Β« previous page Β» next page
Filters