111
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ppp: fix ppp_async_encode() illegal access
syzbot reported an issue in ppp_async_encode() [1]
In this case, pppoe_sendmsg() is c…
Update
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50035
|
2024-10-25 04:54 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
112
|
4.7 |
MEDIUM
Local
|
scikit-learn
|
scikit-learn
|
A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability …
Update
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2024-5206
|
2024-10-25 04:48 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
113
|
8.6 |
HIGH
Network
cisco
|
ios_xe
|
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affecte…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20464
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
114
|
8.6 |
HIGH
Network
cisco
|
ios_xe ios_xe_sd-wan
|
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote a…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20455
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
115
|
5.8 |
MEDIUM
Network
cisco
|
ios
|
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote att…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20465
|
2024-10-25 04:46 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
116
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute comman…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-20437
|
2024-10-25 04:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
117
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
[WHAT & HOW]
"dcn20_validate_apply_pipe_split_flags" dere…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49923
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
118
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
Since commit 3f8ca2e115e5 ("vhost/scsi: Extract common handling code
fro…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49863
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
119
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: br_netfilter: fix panic with metadata_dst skb
Fix a kernel panic in the br_netfilter module when sending untagged
traf…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50045
|
2024-10-25 04:38 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
120
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
rfcomm_sk_state_change attempts to use sock_lock so it must ne…
Update
|
CWE-667
Improper Locking
|
CVE-2024-50044
|
2024-10-25 04:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|