481
|
- |
|
-
|
-
|
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545.
|
-
|
CVE-2024-44100
|
2024-10-25 23:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
482
|
6.5 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to ac…
|
CWE-284 CWE-863
Improper Access Control Incorrect Authorization
|
CVE-2024-48925
|
2024-10-25 23:12 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
483
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme: fix SRCU protection of nvme_ns_head list
Walking the nvme_ns_head siblings list is protected by the head's srcu
in nvme_ns_…
|
CWE-416
Use After Free
|
CVE-2022-49003
|
2024-10-25 23:12 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
484
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/ct: prevent UAF in send_recv()
Ensure we serialize with completion side to prevent UAF with fence going
out of scope on th…
|
CWE-416
Use After Free
|
CVE-2024-50030
|
2024-10-25 23:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
485
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs
There are some cases, such as the one uncovered by Commit 46d4efcc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49901
|
2024-10-25 23:05 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
486
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix TTLM teardown work
The worker calculates the wrong sdata pointer, so if it ever
runs, it'll crash. Fix that.
|
NVD-CWE-noinfo
|
CVE-2024-43848
|
2024-10-25 22:57 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
487
|
7.3 |
HIGH
Local
|
intel
|
virtual_raid_on_cpu
|
Uncontrolled search path element in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-32646
|
2024-10-25 22:54 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
488
|
7.8 |
HIGH
Local
|
intel
|
ethernet_connections_boot_utility\ _preboot_images\ _and_efi_drivers administrative_tools_for_intel_network_adapters
|
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-33870
|
2024-10-25 22:51 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
489
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix uaf in dbFreeBits
[syzbot reported]
==================================================================
BUG: KASAN: slab-…
|
CWE-416
Use After Free
|
CVE-2024-49903
|
2024-10-25 22:40 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
490
|
- |
|
-
|
-
|
This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting t…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-9991
|
2024-10-25 22:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|