191
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.
Update
|
NVD-CWE-noinfo
|
CVE-2023-52102
|
2024-10-24 01:35 |
2024-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
192
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-52098
|
2024-10-24 01:35 |
2024-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
193
|
9.8 |
CRITICAL
Network
apache
|
openmeetings
|
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0
Description: Attacker can elevate their privileges in any room
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-28326
|
2024-10-24 01:35 |
2023-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
194
|
8.1 |
HIGH
Network
|
apache
|
fineract
|
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.
Authorized users with limited permissions can gain access to server and may be able to use server for a…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2023-25195
|
2024-10-24 01:35 |
2023-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
195
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: pm80xx: Set phy->enable_completion only when we wait for it
pm8001_phy_control() populates the enable_completion pointer wi…
Update
|
CWE-416
Use After Free
|
CVE-2024-47666
|
2024-10-24 01:34 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
196
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/sgx: Fix deadlock in SGX NUMA node search
When the current node doesn't have an EPC section configured by firmware
and all ot…
New
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-49856
|
2024-10-24 01:33 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
197
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: iaa - Fix potential use after free bug
The free_device_compression_mode(iaa_device, device_mode) function frees
"device_m…
New
|
CWE-416
Use After Free
|
CVE-2024-47732
|
2024-10-24 01:31 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
198
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
Errata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0
(SP…
Update
|
NVD-CWE-noinfo
|
CVE-2024-47667
|
2024-10-24 01:31 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
199
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: fix uaf for accessing waker_bfqq after splitting
After commit 42c306ed7233 ("block, bfq: don't break merge chain in
b…
New
|
CWE-416
Use After Free
|
CVE-2024-49854
|
2024-10-24 01:29 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
200
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smack: tcp: ipv4, fix incorrect labeling
Currently, Smack mirrors the label of incoming tcp/ipv4 connections:
when a label 'foo' …
Update
|
NVD-CWE-noinfo
|
CVE-2024-47659
|
2024-10-24 01:29 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|