|
314661
|
9.1 |
CRITICAL
Network
|
bitapps
|
bit_form
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4.
|
CWE-22
Path Traversal
|
CVE-2024-43248
|
2024-09-7 01:32 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314662
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bonding: fix null pointer deref in bond_ipsec_offload_ok
We must check if there is an active slave before dereferencing the point…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44990
|
2024-09-7 01:31 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314663
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bonding: fix xfrm real_dev null pointer dereference
We shouldn't set real_dev to NULL because packets can be in transit and
xfrm …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44989
|
2024-09-7 01:31 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314664
|
5.9 |
MEDIUM
Network
|
dlink
|
dns-320_firmware
|
A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widget_api.cgi of the compone…
|
NVD-CWE-noinfo
|
CVE-2024-8460
|
2024-09-7 01:30 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314665
|
8.8 |
HIGH
Network
|
bitapps
|
bit_form
|
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-43249
|
2024-09-7 01:30 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314666
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb/client: avoid possible NULL dereference in cifs_free_subrequest()
Clang static checker (scan-build) warning:
cifsglob.h:line…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44992
|
2024-09-7 01:29 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314667
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
atm: idt77252: prevent use after free in dequeue_rx()
We can't dereference "skb" after calling vcc->push() because the skb
is rel…
|
CWE-416
Use After Free
|
CVE-2024-44998
|
2024-09-7 01:28 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314668
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()
When there are multiple ap interfaces on one band…
|
CWE-416
Use After Free
|
CVE-2024-44997
|
2024-09-7 01:28 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314669
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()`
When enabling UBSAN on Raspberry Pi 5, we get the following warning:
[ 3…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44993
|
2024-09-7 01:28 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314670
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rtla/osnoise: Prevent NULL dereference in error handling
If the "tool->data" allocation fails then there is no need to call
osnoi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45002
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
