|
2181
|
- |
|
-
|
-
|
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. The…
|
CWE-93
CRLF Injection
|
CVE-2024-51501
|
2024-11-9 01:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2182
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix user-after-free from session log off
There is racy issue between smb2 session log off and smb2 session setup.
It will …
|
CWE-416
Use After Free
|
CVE-2024-50086
|
2024-11-9 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2183
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
We're seeing crashes from rq_qos_wake_function that look like …
|
NVD-CWE-noinfo
|
CVE-2024-50082
|
2024-11-9 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2184
|
6.5 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vt: prevent kernel-infoleak in con_font_get()
font.data may not initialize all memory spaces depending on the implementation
of v…
|
CWE-909
Missing Initialization of Resource
|
CVE-2024-50076
|
2024-11-9 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2185
|
7.8 |
HIGH
Local
|
linux
redhat
|
linux_kernel
enterprise_linux
|
In the Linux kernel, the following vulnerability has been resolved:
parport: Proper fix for array out-of-bounds access
The recent fix for array out-of-bounds accesses replaced sprintf()
calls blind…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50074
|
2024-11-9 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2186
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/bugs: Use code segment selector for VERW operand
Robert Gill reported below #GP in 32-bit mode when dosemu software was
execu…
|
NVD-CWE-noinfo
|
CVE-2024-50072
|
2024-11-9 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2187
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thermal: core: Free tzp copy along with the thermal zone
The object pointed to by tz->tzp may still be accessed after being
freed…
|
CWE-416
Use After Free
|
CVE-2024-50027
|
2024-11-9 01:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2188
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: Avoid a bad reference count on CPU node
In the parse_perf_domain function, if the call to
of_parse_phandle_with_args ret…
|
NVD-CWE-Other
|
CVE-2024-50012
|
2024-11-9 01:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2189
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: asihpi: Fix potential OOB array access
ASIHPI driver stores some values in the static array upon a response
from the driver…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-50007
|
2024-11-9 01:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2190
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
uprobes: fix kernel info leak via "[uprobes]" vma
xol_add_vma() maps the uninitialized page allocated by __create_xol_area()
into…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-49975
|
2024-11-9 01:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
