Latest CVE Feed
-
0.0
NONECVE-2024-47687
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch add... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47686
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors ... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47685
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
5.5
CVSS31CVE-2024-47684
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-47683
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47682
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() ma... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
5.5
CVSS31CVE-2024-47681
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 drive... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-47680
In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47679
In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a ... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
0.0
NONECVE-2024-47678
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_al... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
5.5
CVSS31CVE-2024-47677
In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_u... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
7.8
CVSS31CVE-2024-47676
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current... Read more
Affected Products : linux_kernel- Published: Oct. 21, 2024
- Modified: Oct. 22, 2024
-
0.0
NONECVE-2024-47675
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's with... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
7.6
CVSS31CVE-2024-47328
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Automation By Autonami allows SQL Injection.This issue affects Automation By Autonami: from n/a through 3.1.2.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
6.5
CVSS31CVE-2024-43945
Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
7.2
CVSS31CVE-2024-8625
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
8.8
CVSS31CVE-2024-10202
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
8.8
CVSS31CVE-2024-10201
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
7.5
CVSS31CVE-2024-10200
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024
-
8.8
CVSS31CVE-2024-43689
Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. By processing a specially crafted HTTP request, arbitrary code may be executed.... Read more
Affected Products :- Published: Oct. 21, 2024
- Modified: Oct. 21, 2024