5.3
CVE-2024-5111 - Campcodes Complete Web-Based School Management System student_payment_invoice1.php sql injection
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/student_payment_invoice1.php. The manipulation of the argument date leads to sql injection. It is possible to initiate the attacβ¦
5.3
CVE-2024-5110 - Campcodes Complete Web-Based School Management System student_payment_invoice.php sql injection
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/student_payment_invoice.php. The manipulation of the argument index leads to sql injection. The attack may be lauβ¦
5.3
CVE-2024-5109 - Campcodes Complete Web-Based School Management System student_payment_history.php sql injection
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view/student_payment_history.php. The manipulation of the argument index leads to sql injection. The attackβ¦
5.3
CVE-2024-5108 - Campcodes Complete Web-Based School Management System student_payment_details4.php sql injection
A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/student_payment_details4.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attaβ¦
5.5
CVE-2024-35993 - mm: turn folio_test_hugetlb into a PageType
In the Linux kernel, the following vulnerability has been resolved: mm: turn folio_test_hugetlb into a PageType The current folio_test_hugetlb() can be fooled by a concurrent folio split into returning true for a folio which has never belonged to hugetlbfs. This can't happen if the caller holds β¦
7.8
CVE-2024-35949 - btrfs: make sure that WRITTEN is set on all metadata blocks
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if we had WRITTEN setβ¦
5.5
CVE-2024-36009 - ax25: Fix netdev refcount issue
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device() instead of the dev_tracker of ax25_dβ¦
5.5
CVE-2024-36005 - netfilter: nf_tables: honor table dormant flag from netdev release event path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. [524854.857999] ------------[ cut hβ¦
5.5
CVE-2024-35991 - dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drain_workqueue() cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queue_work() while drain_woβ¦
5.5
CVE-2024-35992 - phy: marvell: a3700-comphy: Fix out of bounds read
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_init_fix)'. Make sure 'gbe_phy_init[addr]' β¦