|
315001
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Vulnerability of resources not being closed or released in the keystore module
Impact: Successful exploitation of this vulnerability will affect availability.
|
CWE-459
Incomplete Cleanup
|
CVE-2024-45445
|
2024-09-6 22:54 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315002
|
5.5 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
Access permission verification vulnerability in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-45444
|
2024-09-6 22:48 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315003
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tpm: Use auth only after NULL check in tpm_buf_check_hmac_response()
Dereference auth after NULL check in tpm_buf_check_hmac_resp…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42255
|
2024-09-6 22:41 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315004
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix error pbuf checking
Syz reports a problem, which boils down to NULL vs IS_ERR inconsistent
error handling in io_all…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42254
|
2024-09-6 22:40 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315005
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpio: pca953x: fix pca953x_irq_bus_sync_unlock race
Ensure that `i2c_lock' is held when setting interrupt latch and mask in
pca95…
|
CWE-667
Improper Locking
|
CVE-2024-42253
|
2024-09-6 22:38 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315006
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
closures: Change BUG_ON() to WARN_ON()
If a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON()
For reference, this has …
|
CWE-617
Reachable Assertion
|
CVE-2024-42252
|
2024-09-6 22:37 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315007
|
9.1 |
CRITICAL
Network
|
huawei
|
emui
harmonyos
|
Directory traversal vulnerability in the cust module
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
|
CWE-22
Path Traversal
|
CVE-2024-45443
|
2024-09-6 22:33 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315008
|
4.3 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source customer relationship management (CRM) system. Prior to version 7.14.5 and 8.6.2, insufficient access control checks allow a threat actor to delete records via the API. Ver…
|
NVD-CWE-Other
|
CVE-2024-45392
|
2024-09-6 22:24 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315009
|
6.1 |
MEDIUM
Network
|
angeljudesuarez
|
event_management_system
|
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php.
|
CWE-79
Cross-site Scripting
|
CVE-2024-44728
|
2024-09-6 22:23 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315010
|
6.1 |
MEDIUM
Network
|
1e
|
platform
|
The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users.
…
|
CWE-601
Open Redirect
|
CVE-2024-7211
|
2024-09-6 22:23 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
