|
771
|
- |
|
-
|
-
|
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform privilege escalation using a crafted JWT token. This vulnerability is not limited to privilege escalation…
Update
|
-
|
CVE-2024-50634
|
2024-11-14 00:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
772
|
- |
|
-
|
-
|
An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility func…
Update
|
-
|
CVE-2024-25431
|
2024-11-14 00:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
773
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
be2net: fix potential memory leak in be_xmit()
The be_xmit() returns NETDEV_TX_OK without freeing skb
in case of be_xmit_enqueue(…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50167
|
2024-11-14 00:29 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
774
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit
Syzbot points out that skb_trim() has a sanity check on…
Update
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-49938
|
2024-11-14 00:25 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
775
|
6.1 |
MEDIUM
Network
|
veritas
|
data_insight
|
An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47854
|
2024-11-14 00:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
776
|
6.5 |
MEDIUM
Adjacent
|
zephyrproject
|
zephyr
|
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-6444
|
2024-11-14 00:24 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
777
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: core: Fix null-ptr-deref in target_alloc_device()
There is a null-ptr-deref issue reported by KASAN:
BUG: KASAN: n…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50153
|
2024-11-14 00:23 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
778
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ACPI: PAD: fix crash in exit_round_robin()
The kernel occasionally crashes in cpumask_clear_cpu(), which is called
within exit_ro…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49935
|
2024-11-14 00:21 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
779
|
4.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name
It's observed that a crash occurs during hot-remove a memor…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49934
|
2024-11-14 00:18 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
780
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix possible double free in smb2_set_ea()
Clang static checker(scan-build) warning?
fs/smb/client/smb2ops.c:1304:2: …
Update
|
CWE-415
Double Free
|
CVE-2024-50152
|
2024-11-14 00:15 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
