|
1751
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ACPI: CPPC: Make rmw_lock a raw_spin_lock
The following BUG was triggered:
=============================
[ BUG: Invalid wait con…
|
NVD-CWE-noinfo
|
CVE-2024-50249
|
2024-11-15 02:01 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1752
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisati…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50239
|
2024-11-15 01:59 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1753
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
r…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50238
|
2024-11-15 01:58 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1754
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail to properly authorize the requests to /api/v4/channels which allows a User or System Manager, with "R…
|
CWE-863
Incorrect Authorization
|
CVE-2024-42000
|
2024-11-15 01:48 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1755
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels…
|
NVD-CWE-noinfo
|
CVE-2024-52032
|
2024-11-15 01:47 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1756
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Initialize struct nfsd4_copy earlier
Ensure the refcount and async_copies fields are initialized early.
cleanup_async_copy(…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50241
|
2024-11-15 01:45 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1757
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
Avoid potentially crashing in the driver because of unini…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50237
|
2024-11-15 01:42 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1758
|
- |
|
-
|
-
|
An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information lea…
|
-
|
CVE-2024-11165
|
2024-11-15 01:35 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1759
|
- |
|
-
|
-
|
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server…
|
-
|
CVE-2024-8068
|
2024-11-15 01:35 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1760
|
- |
|
-
|
-
|
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2…
|
-
|
CVE-2024-44337
|
2024-11-15 01:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
