5.5
CVE-2024-53084 - drm/imagination: Break an object reference loop
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with eaโฆ
5.5
CVE-2024-53073 - NFSD: Never decrement pending_async_copies on error
In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), which already decrements nn->pending_async_copies.
6.5
CVE-2024-51939 - WordPress Stylish Internal Links plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Santhosh veer Stylish Internal Links stylish-internal-links allows DOM-Based XSS.This issue affects Stylish Internal Links: from n/a through <= 1.9.
6.5
CVE-2024-51940 - WordPress WP Responsive Video plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sohelwpexpert WP Responsive Video my-wp-responsive-video allows DOM-Based XSS.This issue affects WP Responsive Video: from n/a through <= 1.0.
6.5
CVE-2024-52339 - WordPress Mage Front End Forms plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maximilian Ruthe Mage Front End Forms mage-forms allows Stored XSS.This issue affects Mage Front End Forms: from n/a through <= 1.1.4.
6.5
CVE-2024-52340 - WordPress Photographer Connections plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MartyThornley Photographer Connections photographer-connections allows Stored XSS.This issue affects Photographer Connections: from n/a through <= 1.3.1.
2.7
CVE-2024-52587 - Harden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts`
StepSecurity's Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners. Versions of step-security/harden-runner prior to v2.10.2 contain multiple command injection weaknesses via environment variables that could potentially be exploited under sโฆ
6.5
CVE-2024-52341 - WordPress OS Our Team plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Offshorent Solutions Pvt Ltd OS Our Team os-our-team allows Stored XSS.This issue affects OS Our Team: from n/a through <= 1.7.
6.5
CVE-2024-52342 - WordPress OS BXSlider plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Offshorent Solutions Pvt Ltd OS BXSlider os-bxslider allows Stored XSS.This issue affects OS BXSlider: from n/a through <= 2.6.
6.5
CVE-2024-52343 - WordPress OS Pricing Tables plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Offshorent Solutions Pvt Ltd OS Pricing Tables os-pricing-tables allows Stored XSS.This issue affects OS Pricing Tables: from n/a through <= 1.2.