161
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix sleep in atomic at close time
Matt reported a splat at msk close time:
BUG: sleeping function called from invalid…
Update
|
CWE-667
Improper Locking
|
CVE-2022-49018
|
2024-10-25 03:38 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
162
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tipc: re-fetch skb cb after tipc_msg_validate
As the call trace shows, the original skb was freed in tipc_msg_validate(),
and der…
Update
|
CWE-416
Use After Free
|
CVE-2022-49017
|
2024-10-25 03:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
163
|
- |
|
-
|
-
|
A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker t…
New
|
-
|
CVE-2024-40431
|
2024-10-25 03:35 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
164
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: mdiobus: fix unbalanced node reference count
I got the following report while doing device(mscc-miim) load test
with CONFIG_…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-49016
|
2024-10-25 03:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
165
|
7.8 |
HIGH
Local
|
arm
|
mbed_studio keil_mdk gnu_toolchain fast_models arm_mobile_studio linaro_forge arm_development_studio arm_compiler_for_functional_safety arm_compiler_for_embedded_fusa arm_c…
|
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.
Update
|
CWE-276
Incorrect Default Permissions
|
CVE-2022-43701
|
2024-10-25 03:35 |
2023-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
166
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hsr: Fix potential use-after-free
The skb is delivered to netif_rx() which may free it, after calling this,
dereferencing sk…
Update
|
CWE-416
Use After Free
|
CVE-2022-49015
|
2024-10-25 03:31 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
167
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: tun: Fix use-after-free in tun_detach()
syzbot reported use-after-free in tun_detach() [1]. This causes call
trace like bel…
Update
|
CWE-416
Use After Free
|
CVE-2022-49014
|
2024-10-25 03:29 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
168
|
- |
|
-
|
-
|
php-heic-to-jpg <= 1.0.5 is vulnerable to remote code execution. An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no long…
New
|
-
|
CVE-2024-48514
|
2024-10-25 03:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
169
|
- |
|
-
|
-
|
Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication.
New
|
-
|
CVE-2024-48442
|
2024-10-25 03:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
170
|
- |
|
-
|
-
|
Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4 was discovered to contain a command injection vulnerability via the component at_command.asp.
New
|
-
|
CVE-2024-48441
|
2024-10-25 03:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|