|
1071
|
7.8 |
HIGH
Local
|
samsung
|
android
|
Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34678
|
2024-11-13 00:30 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1072
|
- |
|
-
|
-
|
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Ather Iqbal.
New
|
-
|
CVE-2024-10315
|
2024-11-13 00:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1073
|
- |
|
-
|
-
|
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP pac…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-6501
|
2024-11-13 00:15 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1074
|
- |
|
-
|
-
|
A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-6126
|
2024-11-13 00:15 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1075
|
- |
|
-
|
-
|
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, …
Update
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-3727
|
2024-11-13 00:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1076
|
- |
|
-
|
-
|
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server…
Update
|
CWE-416
Use After Free
|
CVE-2024-31083
|
2024-11-13 00:15 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1077
|
- |
|
-
|
-
|
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially lead…
Update
|
CWE-126
Buffer Over-read
|
CVE-2024-31081
|
2024-11-13 00:15 |
2024-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1078
|
- |
|
-
|
-
|
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially lead…
Update
|
CWE-126
Buffer Over-read
|
CVE-2024-31080
|
2024-11-13 00:15 |
2024-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1079
|
4.6 |
MEDIUM
Physics
|
samsung
|
android
|
Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.
Update
|
NVD-CWE-noinfo
|
CVE-2024-49402
|
2024-11-13 00:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1080
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86: fix user address masking non-canonical speculation issue
It turns out that AMD has a "Meltdown Lite(tm)" issue with non-cano…
Update
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-50102
|
2024-11-13 00:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
