CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-48652
https://notcve.org/view.php?id=CVE-2024-48652
22 Oct 2024 — Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field. • https://github.com/paragbagul111/CVE-2024-48652 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48656
https://notcve.org/view.php?id=CVE-2024-48656
22 Oct 2024 — Cross Site Scripting vulnerability in student management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code. • https://github.com/LeiPudd/Student-Management-System-v1.0-has-Cross-site-Scripting-XSS- • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48657
https://notcve.org/view.php?id=CVE-2024-48657
22 Oct 2024 — SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code. • https://github.com/LeiPudd/Hospital-Management-System-v1.0-has-SQL-Injection-SQLDET- • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23862
https://notcve.org/view.php?id=CVE-2022-23862
22 Oct 2024 — Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the vulnerability to execute arbitrary code and elevate to the system user. • https://github.com/mbadanoiu/CVE-2022-23862 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50062 – RDMA/rtrs-srv: Avoid null pointer deref during path establishment
https://notcve.org/view.php?id=CVE-2024-50062
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/394b2f4d5e014820455af3eb5859eb328eaafcfd •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50059 – ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition
https://notcve.org/view.php?id=CVE-2024-50059
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/5126d8f5567f49b52e21fca320eaa97977055099 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50049 – drm/amd/display: Check null pointer before dereferencing se
https://notcve.org/view.php?id=CVE-2024-50049
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/f4149eec960110ffd5bcb161075dd9f1d7773075 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50046 – NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
https://notcve.org/view.php?id=CVE-2024-50046
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/0e65a32c8a569db363048e17a708b1a0913adbef •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50044 – Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
https://notcve.org/view.php?id=CVE-2024-50044
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/3241ad820dbb172021e0268b5611031991431626 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50040 – igb: Do not bring the device up after non-fatal error
https://notcve.org/view.php?id=CVE-2024-50040
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792 •