NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:Dec. 28, 2024, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
151	-	-	-	-	A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manip… New	-	CVE-2024-12926	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

152	-	-	-	-	The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin ad… Update	-	CVE-2024-11607	2024-12-28 00:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

153	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() If we fail to allocate memory for cb_data by kmalloc, th… New	-	CVE-2024-56546	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

154	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by un… New	-	CVE-2024-56538	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

155	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_disp: layer may be null while releasing layer->info can be null if we have an error on the first layer in zynqm… New	-	CVE-2024-56537	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

156	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: cw1200: Fix potential NULL dereference A recent refactoring was identified by static analysis to cause a potential NULL der… New	-	CVE-2024-56536	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

157	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() kmalloc may fail, return value might be NULL and will caus… New	-	CVE-2024-56535	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

158	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lon… New	-	CVE-2024-56533	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

159	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6… New	-	CVE-2024-53239	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

160	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for ever… New	-	CVE-2024-53236	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

161	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta[1] lclusters gracefully syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/i… New	-	CVE-2024-53234	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

162	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() cpufreq_cpu_get_raw() may return NULL if the cpu is not in p… New	-	CVE-2024-53231	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

163	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() cpufreq_cpu_get_raw() may return NULL if the cpu is not in pol… New	-	CVE-2024-53230	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

164	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. Thi… New	-	CVE-2024-53228	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

165	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argumen… New	-	CVE-2024-53226	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

166	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift When configuring a kernel with PAGE_SIZE=4KB, depending on its setting… New	-	CVE-2024-53225	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

167	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no a… New	-	CVE-2024-53217	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

168	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed tw… New	-	CVE-2024-53213	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

169	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsk_timer_handler(). The cited commit replaced inet_csk_reqsk_queue_drop_and_put() with __in… New	-	CVE-2024-53206	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

170	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe In rtk_usb2phy_probe() devm_kzalloc() may return NULL but this returned va… New	-	CVE-2024-53205	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

171	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtk_usb3phy_probe In rtk_usb3phy_probe() devm_kzalloc() may return NULL but this returned va… New	-	CVE-2024-53204	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

172	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via deb… New	-	CVE-2024-53203	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

173	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix possible resource leak in fw_log_firmware_info() The alg instance should be released under the exception pat… New	-	CVE-2024-53202	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

174	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference … New	-	CVE-2024-53201	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

175	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp This commit addresses a null pointer dereference issu… New	-	CVE-2024-53200	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

176	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-audmix: Add NULL check in imx_audmix_probe devm_kasprintf() can return a NULL pointer on failure,but this returned valu… New	-	CVE-2024-53199	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

177	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations … New	-	CVE-2024-53197	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

178	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix warning when unbinding If there is an error during some initialization related to firmware, the buffers dp->tx_… New	-	CVE-2024-53191	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

179	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix bounds checker error in nl80211_parse_sched_scan The channels array in the cfg80211_scan_request has a __count… New	-	CVE-2024-53189	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

180	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: io_uring: check for overflows in io_pin_pages WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_urin… New	-	CVE-2024-53187	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

181	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its … New	-	CVE-2024-53180	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

182	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at th… New	-	CVE-2024-53173	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

183	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever r… New	-	CVE-2024-53165	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

184	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a c… New	-	CVE-2024-53164	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

185	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object->file At present, the object->file has the NULL pointer dereference problem in… New	-	CVE-2024-56549	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

186	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop de… New	-	CVE-2024-56548	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

187	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: streamline driver probe to avoid devres issues It was found that unloading 'hid_hyperv' module results in a devres c… New	-	CVE-2024-56545	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

188	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix missed RCU barrier on deoffloading Currently, running rcutorture test with torture_type=rcu fwd_progress=8 n_barrie… New	-	CVE-2024-56547	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

189	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGE_SIZE 4096, MAX_PAGE_ORDER 10, 64bit machine, page_alloc only supp… New	-	CVE-2024-56544	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

190	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all… New	-	CVE-2024-56543	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

191	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a memleak issue when driver is removed Running "modprobe amdgpu" the second time (followed by a modprobe -r … New	-	CVE-2024-56542	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

192	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(), ath12k_mac_dest… New	-	CVE-2024-56541	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

193	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling… New	-	CVE-2024-56540	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

194	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array… New	-	CVE-2024-56539	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

195	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: isofs: avoid memory leak in iocharset A memleak was found as below: unreferenced object 0xffff0000d10164d8 (size 8): comm "poo… New	-	CVE-2024-56534	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

196	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lo… New	-	CVE-2024-56532	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

197	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lon… New	-	CVE-2024-56531	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

198	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: adjust the position to init iso data anchor MediaTek iso data anchor init should be moved to where MediaTek cla… New	-	CVE-2024-53238	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

199	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-aft… New	-	CVE-2024-53237	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

200	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: erofs: fix file-backed mounts over FUSE syzbot reported a null-ptr-deref in fuse_read_args_fill: fuse_read_folio+0xb0/0x100 fs/f… New	-	CVE-2024-53235	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm