NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:Dec. 31, 2024, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
301	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit 09aea1… New	-	CVE-2024-56577	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

302	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happen… New	-	CVE-2024-56582	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

303	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should … New	-	CVE-2024-56576	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

304	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref… New	-	CVE-2024-56581	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

305	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend async… New	-	CVE-2024-56575	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

306	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: ts2020: fix null-ptr-deref in ts2020_probe() KASAN reported a null-ptr-deref issue when executing the following command: … New	-	CVE-2024-56574	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

307	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Require entities to have a non-zero unique ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a … New	-	CVE-2024-56571	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

308	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs due to a race between smmu driver … New	-	CVE-2024-56568	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

309	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in … New	-	CVE-2024-56566	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

310	-	-	-	-	A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_pro_details.php. The manipulation of the a… Update	-	CVE-2024-12958	2024-12-28 00:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

311	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ----------… New	-	CVE-2024-56565	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

312	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: slab: Fix too strict alignment check in create_cache() On m68k, where the minimum alignment of unsigned long is 2 bytes: Ker… New	-	CVE-2024-56560	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

313	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures th… New	-	CVE-2024-56558	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

314	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner… New	-	CVE-2024-56556	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

315	-	-	-	-	Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URI's were compared before normalization and canonicalizat… Update	-	CVE-2024-12908	2024-12-28 00:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

316	-	-	-	-	Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. Update	-	CVE-2024-47157	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

317	-	-	-	-	Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Update	-	CVE-2024-47155	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

318	-	-	-	-	Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Update	-	CVE-2024-47154	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

319	-	-	-	-	Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Update	-	CVE-2024-47153	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

320	-	-	-	-	A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the ar… Update	-	CVE-2024-12949	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

321	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation When compiling kernel source 'mak… New	-	CVE-2024-56559	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

322	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner_lock… New	-	CVE-2024-56555	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

323	-	-	-	-	A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /signin.php. The manipulatio… Update	-	CVE-2024-12944	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

324	-	-	-	-	A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ownersignup.php. T… Update	-	CVE-2024-12943	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

325	-	-	-	-	A vulnerability was found in code-projects Simple Admin Panel 1.0 and classified as problematic. This issue affects some unknown processing of the file addCatController.php. The manipulation of the a… Update	-	CVE-2024-12930	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

326	-	-	-	-	A vulnerability has been found in code-projects Student Management System 1.0.00 and classified as critical. This vulnerability affects unknown code of the file /addCatController.php. The manipulatio… Update	-	CVE-2024-12929	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

327	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binder_release_work() When a binder reference is cleaned up, any freeze work queued in the associated p… New	-	CVE-2024-56554	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

328	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: binder: fix memleak of proc->delivered_freeze If a freeze notification is cleared with BC_CLEAR_FREEZE_NOTIFICATION before callin… New	-	CVE-2024-56553	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

329	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc_submit: fix race around suspend_pending Currently in some testcases we can trigger: xe 0000:03:00.0: [drm] Assertion … New	-	CVE-2024-56552	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

330	-	-	-	-	A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. This affects an unknown part. The manipulation of the argument c_name leads to sql injection. It … Update	-	CVE-2024-12928	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

331	-	-	-	-	A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected by this issue is some unknown functionality of the file /faculty… Update	-	CVE-2024-12927	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

332	-	-	-	-	A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manip… Update	-	CVE-2024-12926	2024-12-28 00:15	2024-12-26	Show	GitHub Exploit DB Packet Storm

333	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sc… New	-	CVE-2024-56551	2024-12-28 00:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

334	-	-	-	-	The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin ad… Update	-	CVE-2024-11607	2024-12-28 00:15	2024-12-21	Show	GitHub Exploit DB Packet Storm

335	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() If we fail to allocate memory for cb_data by kmalloc, th…	-	CVE-2024-56546	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

336	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by un…	-	CVE-2024-56538	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

337	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_disp: layer may be null while releasing layer->info can be null if we have an error on the first layer in zynqm…	-	CVE-2024-56537	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

338	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: cw1200: Fix potential NULL dereference A recent refactoring was identified by static analysis to cause a potential NULL der…	-	CVE-2024-56536	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

339	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() kmalloc may fail, return value might be NULL and will caus…	-	CVE-2024-56535	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

340	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lon…	-	CVE-2024-56533	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

341	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6…	-	CVE-2024-53239	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

342	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for ever…	-	CVE-2024-53236	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

343	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta[1] lclusters gracefully syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/i…	-	CVE-2024-53234	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

344	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() cpufreq_cpu_get_raw() may return NULL if the cpu is not in p…	-	CVE-2024-53231	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

345	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() cpufreq_cpu_get_raw() may return NULL if the cpu is not in pol…	-	CVE-2024-53230	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

346	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. Thi…	-	CVE-2024-53228	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

347	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argumen…	-	CVE-2024-53226	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

348	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift When configuring a kernel with PAGE_SIZE=4KB, depending on its setting…	-	CVE-2024-53225	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

349	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no a…	-	CVE-2024-53217	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

350	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed tw…	-	CVE-2024-53213	2024-12-27 23:15	2024-12-27	Show	GitHub Exploit DB Packet Storm