VulDB Recent Entries

A vulnerability has been found in Linux Kernel up to 6.1.121/6.6.67/6.12.6 and classified as critical. This vulnerability affects the function nsim_dev_health_break_write of the component netdevsim. The manipulation leads to denial of service. This vulnerability was named CVE-2024-56716. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.121/6.6.67/6.12.6. This affects the function register_netdev of the component ionic. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2024-56715. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.6. Affected by this issue is the function ionic_reset_prepare of the component AER Handler. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-56714. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.6. Affected by this vulnerability is the function nsim_pp_hold_write of the component netdevsim. The manipulation of the argument return leads to unchecked return value. This vulnerability is known as CVE-2024-56713. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.6. Affected is the function drm_mode_duplicate. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-56711. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.6. It has been rated as critical. This issue affects the function ceph_direct_read_write. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2024-56710. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.67/6.12.6. It has been declared as problematic. This vulnerability affects the function stmmac_tso_xmit. The manipulation leads to allocation of resources. This vulnerability was named CVE-2024-56719. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.121/6.6.67/6.12.6. It has been classified as problematic. This affects the function ocelot_ifh_set_basic in the library lib/packing.c of the file net/dsa/tag_ocelot.c of the component mscc. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2024-56717. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.6 and classified as critical. Affected by this issue is the function export_udmabuf of the component udmabuf. The manipulation leads to memory leak. This vulnerability is handled as CVE-2024-56712. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component RDMA. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-56722. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-13029. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The identification of this vulnerability is CVE-2024-13028. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Crypt::Random::Source up to 0.12 on Perl. This vulnerability affects the function rand. The manipulation leads to cryptographically weak prng. This vulnerability was named CVE-2018-25107. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in GNU Grub2 up to 2.12. This affects the function grub_crypto_memcmp. The manipulation leads to observable timing discrepancy. This vulnerability is uniquely identified as CVE-2024-56738. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in GNU Grub2 up to 2.12. It has been rated as critical. Affected by this issue is some unknown functionality of the file fs/hfs.c of the component HFS Filesystem Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-56737. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in kstover Ninja Forms Plugin up to 3.8.22 on WordPress. It has been declared as critical. Affected by this vulnerability is the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection. This vulnerability is known as CVE-2024-12238. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. This vulnerability is traded as CVE-2024-13025. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /campaign.php. The manipulation of the argument cname leads to sql injection. The identification of this vulnerability is CVE-2024-13024. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/search-maid.php of the component Search Maid Page. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability was named CVE-2024-13023. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument file leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-13022. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.