NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:Jan. 2, 2025, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hi…	-	CVE-2024-56691	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

352	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY Since commit 8f4f68e788c3 ("crypto: pcrypt - …	-	CVE-2024-56690	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

353	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platform_get_resource_byname() fails and returns NULL becaus…	-	CVE-2024-56689	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

354	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_…	-	CVE-2024-56688	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

355	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: fix wrong use of sizeof in cmdq_get_clocks() It should be size of the struct clk_bulk_data, not data pointer p…	-	CVE-2024-56684	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

356	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid hang with debug registers when suspended Trying to read /sys/kernel/debug/dri/1/hdmi1_regs when the hdmi is …	-	CVE-2024-56683	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

357	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: irqchip/riscv-aplic: Prevent crash when MSI domain is missing If the APLIC driver is probed before the IMSIC driver, the parent M…	-	CVE-2024-56682	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

358	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init shou…	-	CVE-2024-56681	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

359	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: do not handle interrupts when device is disabled Some IPU6 devices have shared interrupts. We need to handle p…	-	CVE-2024-56680	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

360	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c Add error pointer check after calling otx2_mbox_get_rsp().	-	CVE-2024-56679	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

361	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with _free() Variables annotated with __free() need to be initialized if th…	-	CVE-2024-56676	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

362	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: bpf: Mark raw_tp arguments with PTR_MAYBE_NULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics t…	-	CVE-2024-56702	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

363	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore The dtl_access_lock needs to be a rw_sempahore, a sleeping lock, becaus…	-	CVE-2024-56701	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

364	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based …	-	CVE-2024-56703	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

365	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd() Atomicity violation occurs when the fmc_send_cmd() function is executed …	-	CVE-2024-56700	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

366	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug slot In commit 6ee600bfbe0f ("s390/pci: remove hotplug slot when releasing the d…	-	CVE-2024-56699	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

367	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()' The `kfd_get_cu_occupancy` function previou…	-	CVE-2024-56695	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

368	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when verdict program return SK_PASS When the stream_verdict program returns SK_PASS, it places the receiv…	-	CVE-2024-56694	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

369	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during f…	-	CVE-2024-56693	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

370	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncate_node() syzbot reports a f2fs bug as below: ------------[ cut here ]----…	-	CVE-2024-56692	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

371	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix hardware lockup on first Rx endpoint request There is a possibility that a request's callback could be invoked fro…	-	CVE-2024-56687	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

372	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ext4: fix race in buffer_head read fault injection When I enabled ext4 debug for fault injection testing, I encountered the follo…	-	CVE-2024-56686	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

373	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe Following commit 13f58267cda3 ("ASoC: soc.h: don't creat…	-	CVE-2024-56685	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

374	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copy_from_kernel_nofault() can be called when doing read of /proc/kcore. /proc/…	-	CVE-2024-56678	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

375	-	-	-	-	In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() During early init CMA_MIN_ALIGNMENT_BYTES can be PAGE_S…	-	CVE-2024-56677	2024-12-28 19:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

376	-	-	-	-	A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This…	-	CVE-2023-52718	2024-12-28 17:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

377	-	-	-	-	Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulne…	-	CVE-2023-7266	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

378	-	-	-	-	Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability…	-	CVE-2023-7263	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

379	-	-	-	-	Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:H…	-	CVE-2022-48470	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

380	-	-	-	-	Some Huawei wearables have a permission management vulnerability.	-	CVE-2021-37000	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

381	-	-	-	-	Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).	-	CVE-2021-22484	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

382	-	-	-	-	There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur o…	-	CVE-2020-1824	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

383	-	-	-	-	There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur o…	-	CVE-2020-1823	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

384	-	-	-	-	There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur o…	-	CVE-2020-1822	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

385	-	-	-	-	There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur o…	-	CVE-2020-1821	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

386	-	-	-	-	There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur o…	-	CVE-2020-1820	2024-12-28 16:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

387	-	-	-	-	Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.	-	CVE-2024-46973	2024-12-28 14:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

388	-	-	-	-	Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.	-	CVE-2024-46972	2024-12-28 14:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

389	-	-	-	-	Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.	-	CVE-2024-43705	2024-12-28 14:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

390	-	-	-	-	A vulnerability was found in Beijing Longda Jushang Technology DBShop???? 3.3 Release 231225. It has been declared as problematic. This vulnerability affects unknown code of the file /home-order. The…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-12991	2024-12-28 05:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

391	-	-	-	-	A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic. This affects an unknown part of the file /user/admin-verify of the component Admin Verification Page. T…	-	CVE-2024-12990	2024-12-28 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

392	-	-	-	-	A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The ma…	-	CVE-2024-12988	2024-12-28 04:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

393	-	-	-	-	A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulati…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-12989	2024-12-28 03:15	2024-12-28	Show	GitHub Exploit DB Packet Storm

394	-	-	-	-	Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to…	-	CVE-2024-56326	2024-12-28 03:15	2024-12-24	Show	GitHub Exploit DB Packet Storm

395	-	-	-	-	A vulnerability, which was classified as critical, has been found in code-projects Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/index.php of…	-	CVE-2024-12969	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

396	-	-	-	-	LGSL (Live Game Server List) provides online status for games. Before 7.0.0, a stored cross-site scripting (XSS) vulnerability was identified in lgsl. The function lgsl_query_40 in lgsl_protocol.php …	-	CVE-2024-56361	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

397	-	-	-	-	OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support informa…	-	CVE-2024-45805	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

398	-	-	-	-	A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. Affected by this vulnerability is the function edit_jobpost of the file /_parse/_all_edits.php. The manipulation…	-	CVE-2024-12968	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

399	-	-	-	-	A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function cn_update of the file /_parse/_all_edits.php. The manipulation of the ar…	-	CVE-2024-12966	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm

400	-	-	-	-	A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /update_ex_detail.php. The manipu…	-	CVE-2024-12965	2024-12-28 02:15	2024-12-27	Show	GitHub Exploit DB Packet Storm