511
|
9.8 |
CRITICAL
Network
oracle
|
access_manager webcenter_portal utilities_framework retail_assortment_planning coherence rapid_planning communications_diameter_signaling_router healthcare_data_repository com…
|
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-2555
|
2024-10-2 23:24 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
512
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range
[Why & How]
ASSERT if return NULL from kcalloc.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46808
|
2024-10-2 23:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
513
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
um: line: always fill *error_out in setup_one_line()
The pointer isn't initialized by callers, but I have
encountered cases where…
Update
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46844
|
2024-10-2 23:22 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
514
|
5.4 |
MEDIUM
Network
|
millbeckcommunications
|
proroute_h685t-w_firmware
|
This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the vi…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-38380
|
2024-10-2 23:22 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
515
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Only clear timer if a kthread exists
The timerlat tracer can use user space threads to check for osnoise and
ti…
Update
|
CWE-416
Use After Free
|
CVE-2024-46845
|
2024-10-2 23:18 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
516
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm: vmalloc: ensure vmap_block is initialised before adding to queue
Commit 8c61291fd850 ("mm: fix incorrect vbq reference in
pur…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46847
|
2024-10-2 23:16 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
517
|
9.8 |
CRITICAL
Network
vmware
|
vcenter_server
|
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sendi…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-38812
|
2024-10-2 23:16 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
518
|
- |
|
-
|
-
|
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.
New
|
-
|
CVE-2024-8885
|
2024-10-2 23:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
519
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change
When disabling wifi mt7921_ipv6_addr_change() is called as…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46860
|
2024-10-2 23:04 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
520
|
9.8 |
CRITICAL
Network
vmware
|
vcenter_server
|
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a sp…
Update
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2024-38813
|
2024-10-2 22:59 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|