Latest CVE Feed
-
5.3
CVSS31CVE-2024-8892
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP pro... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
8.0
CVSS31CVE-2024-8890
An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure ... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
9.3
CVSS31CVE-2024-8889
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP pro... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
10.0
CVSS31CVE-2024-8888
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. Token theft can originate... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-6406
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
6.5
CVSS31CVE-2024-5682
Improper Restriction of Excessive Authentication Attempts vulnerability in Yordam Information Technology Yordam Library Automation System allows Interface Manipulation.This issue affects Yordam Library Automation System: before 20.1.... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
4.9
CVSS31CVE-2024-43188
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation.... Read more
Affected Products : business_automation_workflow- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
10.0
CVSS31CVE-2024-8887
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalitie... Read more
Affected Products :- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46801
In the Linux kernel, the following vulnerability has been resolved: libfs: fix get_stashed_dentry() get_stashed_dentry() tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereferen... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46800
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_ba... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46799
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereference during XDP_TX. ~# ethtool -L eth0 tx 1 ~# ./xdp-traff... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46798
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the following extra config, - CONFIG_KASAN=y - CONFIG_KASAN_GENERIC=y - CONFIG_KASAN_INLINE=y - CONFIG... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46797
In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_spin_lock_slowpath() after we increment qnodesp->count and before node->lock is initialized, another CPU mi... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46796
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_set_path_size() If smb2_compound_op() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() before r... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46794
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46793
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder Since commit 13f58267cda3 ("ASoC: soc.h: don't create dummy Component via COMP_DUMMY()") dummy codecs declared like ... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46792
In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code allowed userspace to access any virtual memory address.... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46791
In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open The mcp251x_hw_wake() function is called with the mpc_lock mutex held and disables the interrupt handler so that no... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024
-
0.0
NONECVE-2024-46790
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PG_hwpoison pages are freed they are treated differently in free_pages_prepare() and instead of being released they are iso... Read more
Affected Products : linux_kernel- Published: Sep. 18, 2024
- Modified: Sep. 18, 2024