Latest CVE Feed
-
0.0
NONECVE-2024-46744
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46741
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix double free of 'buf' in error path smatch warning: drivers/misc/fastrpc.c:1926 fastrpc_req_mmap() error: double free of 'buf' In fastrpc_req_mmap() error path, the f... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46740
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is cop... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46751
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an er... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46749
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() This adds a check before freeing the rx->skb in flush and close functions to handle the kernel crash seen while r... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-7254
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownField... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46748
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT Set the maximum size of a subrequest that writes to cachefiles to be MAX_RW_COUNT so that we don't overrun the maxim... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46747
In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifying that the report descriptor size was correct before acc... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46746
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks aren't called anymore once hid_destroy_device() has been called. Hence, hid driver_data should be freed o... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-47085
This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters “cCdslClicentcode” and “cLdClientCode” in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating par... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-47086
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authen... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-47087
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating parameters in the API r... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-47088
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack on login OTP, which co... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-47089
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating the transaction token ID in the API request... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-8986
The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`. If credentials are included in the repository URI (fo... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46745
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46737
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NUL... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46735
In the Linux kernel, the following vulnerability has been resolved: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() When two UBLK_CMD_START_USER_RECOVERY commands are submitted, the first one sets 'ubq->ubq_daemon' to NULL, and the ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-7785
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ece Software Electronic Ticket System allows Reflected XSS, Cross-Site Scripting (XSS).This issue affects Electronic Ticket System: before 2024.08... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46743
In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address smaller than the interrupt parent node (from #address-ce... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024