0.0
CVE-2021-47487 - kernel: drm/amdgpu: fix out of bounds write
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
4.7
CVE-2021-47493 - ocfs2: fix race between searching chunks and release journal_head from buffer_head
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journal_head from buffer_head Encountered a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head() resulting in the below vmcore. PID: 106879 TASKβ¦
5.5
CVE-2021-47466 - mm, slub: fix potential memoryleak in kmem_cache_open()
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by using __kmem_cache_release() to release all the relevant resources.
5.5
CVE-2021-47498 - dm rq: don't queue request to blk-mq during DM suspend
In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updating nr_requests or oβ¦
8.8
CVE-2024-3518 - Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode
The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode(s) in all versions up to, and including, 3.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fβ¦
6.1
CVE-2024-3519 - Media Library Assistant <= 3.15 - Reflected Cross-Site Scripting via lang
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the lang parameter in all versions up to, and including, 3.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary webβ¦
7.2
CVE-2024-21683 -
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiaβ¦
0.0
CVE-2024-5190 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
7.4
CVE-2024-35220 - @fastify/session reuses destroyed session cookie
@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the `expires` field is overriden if the `maxAge` field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not destrβ¦
8.5
CVE-2024-5040 - LCDS LAquis SCADA Path Traversal
There are multiple ways in LCDS LAquis SCADA for an attacker to access locations outside of their own directory.