CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-12181 – DedeCMS SWF File uploads_add.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-12181
04 Dec 2024 — A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploads_add.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hebing123/cve/issues/77 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-12180 – DedeCMS article_add.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-12180
04 Dec 2024 — A vulnerability classified as problematic has been found in DedeCMS 5.7.116. Affected is an unknown function of the file /member/article_add.php. The manipulation of the argument body leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hebing123/cve/issues/76 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-53138 – net/mlx5e: kTLS, Fix incorrect page refcounting
https://notcve.org/view.php?id=CVE-2024-53138
04 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. ... • https://git.kernel.org/stable/c/84d1bb2b139e0184b1754aa1b5776186b475fce8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53134 – pmdomain: imx93-blk-ctrl: correct remove path
https://notcve.org/view.php?id=CVE-2024-53134
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/e9aa77d413c903ba4cf7da3fe0b419cae5b97a81 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53133 – drm/amd/display: Handle dml allocation failure to avoid crash
https://notcve.org/view.php?id=CVE-2024-53133
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/874ff59cde8fc525112dda26b501a1bac17dde9f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53131 – nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
https://notcve.org/view.php?id=CVE-2024-53131
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/5305cb830834549b9203ad4d009ad5483c5e293f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53129 – drm/rockchip: vop: Fix a dereferenced before check warning
https://notcve.org/view.php?id=CVE-2024-53129
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/5ddb0bd4ddc35d9c9376d109398f84277bb8d25e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53128 – sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers
https://notcve.org/view.php?id=CVE-2024-53128
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/397383db9c69470642ac95beb04f2150928d663b •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53126 – vdpa: solidrun: Fix UB bug with devres
https://notcve.org/view.php?id=CVE-2024-53126
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/51a8f9d7f587290944d6fc733d1f897091c63159 •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-53125 – bpf: sync_linked_regs() must preserve subreg_def
https://notcve.org/view.php?id=CVE-2024-53125
04 Dec 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/75748837b7e56919679e02163f45d5818c644d03 •