|
314271
|
6.5 |
MEDIUM
Network
|
sap
|
shared_service_framework
|
SAP Shared Service Framework does not perform necessary
authorization check for an authenticated user, resulting in escalation of
privileges. On successful exploitation, an attacker can cause a high …
|
CWE-862
Missing Authorization
|
CVE-2024-42376
|
2024-09-12 22:43 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314272
|
4.3 |
MEDIUM
Network
|
sap
|
shared_service_framework
|
SAP shared service framework allows an
authenticated non-administrative user to call a remote-enabled function, which
will allow them to insert value entries into a non-sensitive table, causing low
i…
|
CWE-862
Missing Authorization
|
CVE-2024-42377
|
2024-09-12 22:42 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314273
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
Syzkaller with UBSAN uncovered a scenario where a large…
|
NVD-CWE-noinfo
|
CVE-2022-48906
|
2024-09-12 22:41 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314274
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
During driver initialization, the pointer of card info, i.e. the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48908
|
2024-09-12 22:37 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314275
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix connection leak
There's a potential leak issue under following execution sequence :
smc_release smc_connect_wo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48909
|
2024-09-12 22:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314276
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
auxdisplay: lcd2s: Fix memory leak in ->remove()
Once allocated the struct lcd2s_data is never freed.
Fix the memory leak by swit…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48907
|
2024-09-12 22:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314277
|
5.3 |
MEDIUM
Network
|
sap
|
document_builder
|
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
|
CWE-862
Missing Authorization
|
CVE-2024-39591
|
2024-09-12 22:29 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314278
|
4.3 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate…
|
CWE-862
Missing Authorization
|
CVE-2024-41734
|
2024-09-12 22:28 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314279
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen/netfront: destroy queues before real_num_tx_queues is zeroed
xennet_destroy_queues() relies on info->netdev->real_num_tx_queu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48914
|
2024-09-12 22:27 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314280
|
5.4 |
MEDIUM
Network
|
sap
|
student_life_cycle_management
|
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a…
|
CWE-862
Missing Authorization
|
CVE-2024-42373
|
2024-09-12 22:26 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
