221
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer
This commit addresses a potential…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49918
|
2024-10-25 01:49 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
222
|
- |
|
-
|
-
|
A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privil…
New
|
-
|
CVE-2024-40432
|
2024-10-25 01:35 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
223
|
8.8 |
HIGH
Network
|
scada-lts
|
scada-lts
|
An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive i…
Update
|
NVD-CWE-noinfo
|
CVE-2023-33472
|
2024-10-25 01:35 |
2024-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
224
|
7.5 |
HIGH
Network
code-projects
|
dormitory_management_system
|
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation o…
Update
|
NVD-CWE-noinfo
|
CVE-2024-0472
|
2024-10-25 01:35 |
2024-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
225
|
9.8 |
CRITICAL
Network
rubygems
|
rubygems.org
|
Rubygems.org is the Ruby community's gem hosting service. Rubygems.org users with MFA enabled would normally be protected from account takeover in the case of email account takeover. However, a worka…
Update
|
CWE-287
Improper Authentication
|
CVE-2024-21654
|
2024-10-25 01:35 |
2024-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
226
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw88: always wait for both firmware loading attempts
In 'rtw_wait_firmware_completion()', always wait for both (regular an…
Update
|
CWE-416
Use After Free
|
CVE-2024-47718
|
2024-10-25 01:31 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
227
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Protect against overflow of ALIGN() during iova allocation
Userspace can supply an iova and uptr such that the target io…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47719
|
2024-10-25 01:21 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
228
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: fix out-of-bounds in dbNextAG() and diAlloc()
In dbNextAG() , there is no check for the case where bmp->db_numag is
greater …
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47723
|
2024-10-25 01:17 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
229
|
- |
|
-
|
-
|
Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.
New
|
-
|
CVE-2024-48538
|
2024-10-25 01:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
230
|
9.8 |
CRITICAL
Network
vasiliskerasiotis
|
affiliator
|
Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3.
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49326
|
2024-10-25 01:13 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|