461
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix slab-use-after-free in ext4_split_extent_at()
We hit the following use-after-free:
===================================…
|
CWE-416
Use After Free
|
CVE-2024-49884
|
2024-10-25 23:37 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
462
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Initialize denominators' default to 1
[WHAT & HOW]
Variables used as denominators and maybe not assigned to othe…
|
CWE-369
Divide By Zero
|
CVE-2024-49899
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
463
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
Syzbot reported a null-ptr-deref bug:
NILFS (loop0): s…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-49007
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
464
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation
This commit addresses a potential index out…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49895
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
465
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check stream_status before it is used
[WHAT & HOW]
dc_state_get_stream_status can return null, and therefore nul…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49893
|
2024-10-25 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
466
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Initialize get_bytes_per_element's default to 1
Variables, used as denominators and maybe not assigned to other …
|
CWE-369
Divide By Zero
|
CVE-2024-49892
|
2024-10-25 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
467
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index out of bounds in degamma hardware format translation
Fixes index out of bounds issue in
`cm_helper_tra…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49894
|
2024-10-25 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
468
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing: Free buffers when a used dynamic event is removed
After 65536 dynamic events have been added and removed, the "type" fie…
|
CWE-416
Use After Free
|
CVE-2022-49006
|
2024-10-25 23:30 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
469
|
8.7 |
HIGH
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. This can be leveraged to g…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47819
|
2024-10-25 23:24 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
470
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
for_each_pci_dev() is implemented by pci_get_device(). The comm…
|
NVD-CWE-Other
|
CVE-2022-49002
|
2024-10-25 23:24 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|