|
1311
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
llc: make llc_ui_sendmsg() more robust against bonding changes
syzbot was able to trick llc_ui_sendmsg(), allocating an skb with …
Update
|
-
|
CVE-2024-26636
|
2024-11-5 19:15 |
2024-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1312
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
If the external phy working together with phy-omap-usb2 does not imp…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-26600
|
2024-11-5 19:15 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1313
|
7.8 |
HIGH
Local
|
linux
debian
|
linux_kernel
debian_linux
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
There is a potential UAF scenario in the case of an LPI transl…
Update
|
CWE-416
Use After Free
|
CVE-2024-26598
|
2024-11-5 19:15 |
2024-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1314
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
llc: call sock_orphan() at release time
syzbot reported an interesting trace [1] caused by a stale sk->sk_wq
pointer in a closed …
Update
|
-
|
CVE-2024-26625
|
2024-11-5 19:15 |
2024-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1315
|
6.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum_acl_tcam: Fix stack corruption
When tc filters are first added to a net device, the corresponding local
port gets…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-26586
|
2024-11-5 19:15 |
2024-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1316
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: qualcomm: rmnet: fix global oob in rmnet_policy
The variable rmnet_link_ops assign a *bigger* maxtype which leads to a
globa…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-26597
|
2024-11-5 19:15 |
2024-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1317
|
- |
|
-
|
-
|
In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not need…
Update
|
-
|
CVE-2024-20122
|
2024-11-5 17:35 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1318
|
4.7 |
MEDIUM
Local
|
-
|
-
|
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrar…
Update
|
CWE-20
Improper Input Validation
|
CVE-2024-9407
|
2024-11-5 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1319
|
6.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may …
Update
|
CWE-457
Use of Uninitialized Variable
|
CVE-2024-9355
|
2024-11-5 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1320
|
- |
|
-
|
-
|
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulat…
Update
|
CWE-285
CWE-266
CWE-639
Improper Authorization
Incorrect Privilege Assignment
Authorization Bypass Through User-Controlled Key
|
CVE-2024-10654
|
2024-11-5 16:15 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
