Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35900 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-50015 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by user(See signal handling in dax_iomap_iter()), the copied data will be returned and added on inode size, which means that the length of written extents may exceed the inode size, then fsck will fail. An example is given as: dd if=/dev/urandom of=file bs=4M count=1 dax_iomap_rw iomap_iter // round 1 ext4_iomap_begin ext4_iomap_alloc // allocate 0~2M extents(written flag) dax_iomap_iter // copy 2M data iomap_iter // round 2 iomap_iter_advance iter->pos += iter->processed // iter->pos = 2M ext4_iomap_begin ext4_iomap_alloc // allocate 2~4M extents(written flag) dax_iomap_iter fatal_signal_pending done = iter->pos - iocb->ki_pos // done = 2M ext4_handle_inode_extension ext4_update_inode_size // inode size = 2M fsck reports: Inode 13, i_size is 2097152, should be 4194304. Fix? Fix the problem by truncating extents if the written length is smaller than expected.
CVE-2024-50010 1 Linux 1 Linux Kernel 2026-06-17 N/A 4.7 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two commits: 633fb6ac3980 ("exec: move S_ISREG() check earlier") 0fd338b2d2cd ("exec: move path_noexec() check earlier") Instead of being removed said checks are WARN_ON'ed instead, which has some debug value. However, the spurious path_noexec check is racy, resulting in unwarranted warnings should someone race with setting the noexec flag. One can note there is more to perm-checking whether execve is allowed and none of the conditions are guaranteed to still hold after they were tested for. Additionally this does not validate whether the code path did any perm checking to begin with -- it will pass if the inode happens to be regular. Keep the redundant path_noexec() check even though it's mindless nonsense checking for guarantee that isn't given so drop the WARN. Reword the commentary and do small tidy ups while here. [brauner: keep redundant path_noexec() check]
CVE-2024-50008 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`. With this, fix the following warning: elo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------ elo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field "ext_scan->tlv_buffer" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1) elo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]
CVE-2024-50004 1 Linux 1 Linux Kernel 2026-06-17 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 [WHY & HOW] Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system hang. Remove EnhancedPrefetchScheduleAccelerationFinal value override to match HW spec. (cherry picked from commit 9dad21f910fcea2bdcff4af46159101d7f9cd8ba)
CVE-2024-4941 1 Gradio Project 1 Gradio 2026-06-17 N/A 7.5 HIGH
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as JSON. If the parsed JSON object contains a `path` key, the specified file is moved to a temporary directory, making it possible to retrieve it later via the `/file=..` endpoint. This issue is due to the `processing_utils.move_files_to_cache()` function traversing any object passed to it, looking for a dictionary with a `path` key, and then copying the specified file to a temporary directory. The vulnerability can be exploited by an attacker to read files on the remote system, posing a significant security risk.
CVE-2024-4885 1 Progress 1 Whatsup Gold 2026-06-17 N/A 9.8 CRITICAL
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.  The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges.
CVE-2024-4883 1 Progress 1 Whatsup Gold 2026-06-17 N/A 9.8 CRITICAL
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe.
CVE-2024-4877 2 Microsoft, Openvpn 2 Windows, Openvpn 2026-06-17 N/A 8.8 HIGH
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
CVE-2024-4837 1 Progress 1 Telerik Report Server 2026-06-17 N/A 5.3 MEDIUM
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability.
CVE-2024-4774 1 Mozilla 1 Firefox 2026-06-17 N/A 6.5 MEDIUM
The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.
CVE-2024-4766 2 Google, Mozilla 2 Android, Firefox 2026-06-17 N/A 4.3 MEDIUM
Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.
CVE-2024-4692 1 Microfocus 1 Application Automation Tools 2026-06-17 N/A 2.4 LOW
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4665 1 Metagauss 1 Eventprime 2026-06-17 N/A 6.4 MEDIUM
The EventPrime WordPress plugin before 3.5.0 does not properly validate permissions when updating bookings, allowing users to change/cancel bookings for other users. Additionally, the feature is lacking a nonce.
CVE-2024-4660 1 Gitlab 1 Gitlab 2026-06-17 N/A 6.5 MEDIUM
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates.
CVE-2024-4620 1 Reputeinfosystems 1 Arforms 2026-06-17 N/A 9.8 CRITICAL
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form
CVE-2024-4596 1 Kimai 1 Kimai 2026-06-17 2.6 LOW 3.7 LOW
A vulnerability was found in Kimai up to 2.15.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Session Handler. The manipulation of the argument PHPSESSIONID leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 2.16.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-263318 is the identifier assigned to this vulnerability.
CVE-2024-4565 1 Advancedcustomfields 1 Advanced Custom Fields 2026-06-17 N/A 6.5 MEDIUM
The Advanced Custom Fields (ACF) WordPress plugin before 6.3, Advanced Custom Fields Pro WordPress plugin before 6.3 allows you to display custom field values for any post via shortcode without checking for the correct access
CVE-2024-4563 1 Progress 1 Moveit Automation 2026-06-17 N/A 6.1 MEDIUM
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.
CVE-2024-4428 1 Menulux 1 Managment Portal 2026-06-17 N/A 9.8 CRITICAL
Missing Authentication for Critical Function, Missing Authorization vulnerability in Menulux Information Technologies Managment Portal allows Collect Data as Provided by Users. This issue affects Managment Portal: through 21.05.2024.
CVE-2024-4367 3 Debian, Mozilla, Open-xchange 4 Debian Linux, Firefox, Thunderbird and 1 more 2026-06-17 N/A 8.8 HIGH
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.