CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42114 – wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values
https://notcve.org/view.php?id=CVE-2024-42114
30 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/52539ca89f365d3db530535fbffa88a3cca4d2ec • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42109 – netfilter: nf_tables: unconditionally flush pending work before notifier
https://notcve.org/view.php?id=CVE-2024-42109
30 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f22954f8c58fd5f5489f5980796914e306757e77 •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-42102 – Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"
https://notcve.org/view.php?id=CVE-2024-42102
30 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e • CWE-369: Divide By Zero •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39012
https://notcve.org/view.php?id=CVE-2024-39012
30 Jul 2024 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39010
https://notcve.org/view.php?id=CVE-2024-39010
30 Jul 2024 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/af7a746df91ab5e944bd7a186816c262 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38986
https://notcve.org/view.php?id=CVE-2024-38986
30 Jul 2024 — Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects. • https://gist.github.com/mestrtee/b20c3aee8bea16e1863933778da6e4cb • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41304
https://notcve.org/view.php?id=CVE-2024-41304
30 Jul 2024 — An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3 allows attackers to execute arbitrary code via a crafted SVG file. • https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-SVG-Stored-Cross-Site-Scripting • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38984
https://notcve.org/view.php?id=CVE-2024-38984
30 Jul 2024 — Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. • https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38909
https://notcve.org/view.php?id=CVE-2024-38909
30 Jul 2024 — Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc. • http://elfinder.com •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38983
https://notcve.org/view.php?id=CVE-2024-38983
30 Jul 2024 — Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the _assign() method at (/lib/index.js:91) Prototype Pollution en alykoshin mini-deep-assign v0.0.8 permite a un atacante ejecutar código arbitrario o causar una denegación de servicio (DoS) y causar otros impactos a través del método _assign() en (/lib/index.js:91) • https://gist.github.com/mestrtee/f82d0c3a8fe3a125f06425caef5d22ed • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •