4.7
CVE-2024-6879 - Quiz and Survey Master (QSM) < 9.1.1 - Contributor+ Stored XSS
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allow contributor and above roles to perform Stored Cross-Site Scripting (XSS) attacks.
9.8
CVE-2024-8073 - Command Injection Vulnerability in Hillstone Networks Web Application Firewall
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application Firewall on 5.5R6 allows Command Injection. This issue affects Hillstone Networks Web Application Firewall: from 5.5R6-2.6.7 through 5.5R6-2.8.13.
7.5
CVE-2024-41996 - openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE…
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource …
5.4
CVE-2024-44797 -
A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the view parameter.
7.8
CVE-2024-44942 - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot reports a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted …
5.5
CVE-2024-43907 - drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference
5.5
CVE-2024-43902 - drm/amd/display: Add null checker before passing variables
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.
5.5
CVE-2024-44939 - jfs: fix null ptr deref in dtInsertEntry
In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000008-0x0000…
4.7
CVE-2024-43891 - tracing: Have format file honor EVENT_FILE_FL_FREED
In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENT_FILE_FL_FREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would …
5.5
CVE-2024-43908 - drm/amdgpu: Fix the null pointer dereference to ras_manager
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it