Latest CVE Feed
-
5.3
CVSS31CVE-2024-31167
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack13. This issue affects libfluid... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
6.5
CVSS31CVE-2024-31166
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
5.3
CVSS31CVE-2024-31165
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::SetFieldAction::unpack. This issue affects libflui... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
5.3
CVSS31CVE-2024-31164
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13. This issue affects libfluid: 0.1.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
5.3
CVSS31CVE-2024-23916
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack. This issue affects libfluid: 0.1.0.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
5.3
CVSS31CVE-2024-23915
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack. This issue affects libflu... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
5.3
CVSS31CVE-2024-8892
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP pro... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
8.0
CVSS31CVE-2024-8890
An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure ... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
9.3
CVSS31CVE-2024-8889
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP pro... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
10.0
CVSS31CVE-2024-8888
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. Token theft can originate... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-6406
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
4.9
CVSS31CVE-2024-43188
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.... Read more
Affected Products : business_automation_workflow- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
10.0
CVSS31CVE-2024-8887
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalitie... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46801
In the Linux kernel, the following vulnerability has been resolved: libfs: fix get_stashed_dentry() get_stashed_dentry() tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereferen... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46800
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_ba... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46799
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereference during XDP_TX. ~# ethtool -L eth0 tx 1 ~# ./xdp-traff... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46798
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the following extra config, - CONFIG_KASAN=y - CONFIG_KASAN_GENERIC=y - CONFIG_KASAN_INLINE=y - CONFIG... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46797
In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_spin_lock_slowpath() after we increment qnodesp->count and before node->lock is initialized, another CPU mi... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46796
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_set_path_size() If smb2_compound_op() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() before r... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024