Latest CVE Feed
-
0.0
NONECVE-2024-46742
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) and parse_lease_state() return NULL. ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46739
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary c... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46738
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46734
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the oth... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-45861
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-45862
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-8375
There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, ... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46736
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46732
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any errors that occu... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46731
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46726
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure index calculation will not overflow [WHY & HOW] Make sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation will never overflow and exceess array size. This... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-31570
libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-8652
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ htt... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-8653
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ ht... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-8651
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibl... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46721
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile->parent->dents[AAFS_PROF_DIR] could be NULL only if its parent is made from __create_missing_ancestors(..) and 'ent->old' is NULL... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46719
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, uc... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-25673
Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection.... Read more
Affected Products :- Published: Sep. 19, 2024
- Modified: Sep. 19, 2024
-
0.0
NONECVE-2024-46717
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1) No skb created yet 2) header_size == 0 (no SHAMPO header) 3) header_index + 1 % MLX5E_SHAMPO_WQ_HEADER_P... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024