5.3
CVE-2024-13000 - PHPGurukul Small CRM quote-details.php SQL injection
A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the …
5.3
CVE-2024-12999 - PHPGurukul Small CRM edit-user.php SQL injection
A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the pu…
7.5
CVE-2018-25107 -
The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.
5.3
CVE-2024-56738 - grub2: Observable Timing Discrepancy resulting side-channel attacks
GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.
5.5
CVE-2024-56755 - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a…
5.5
CVE-2024-56754 - crypto: caam - Fix the pointer passed to caam_qi_shutdown()
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is cast to "struct device *". Pass th…
5.5
CVE-2024-56728 - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp().
5.5
CVE-2024-56723 - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices
In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when pla…
5.5
CVE-2024-56713 - net: netdevsim: fix nsim_pp_hold_write()
In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsim_pp_hold_write() nsim_pp_hold_write() has two problems: 1) It may return with rtnl held, as found by syzbot. 2) Its return value does not propagate an error if any.
5.5
CVE-2024-56753 - drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module This commit addresses an omission in the previous patch related to the cleaner shader support for GFX9 hardware. Specifically, it adds the necessary deinitia…