|
316411
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register()
bcm_sf2_mdio_register() calls of_phy_find_device() and t…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-44971
|
2024-09-6 02:54 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316412
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: prevent UAF in ip6_send_skb()
syzbot reported an UAF in ip6_send_skb() [1]
After ip6_local_out() has returned, we no longe…
|
CWE-416
Use After Free
|
CVE-2024-44987
|
2024-09-6 02:53 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316413
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
power: supply: rt5033: Bring back i2c_set_clientdata
Commit 3a93da231c12 ("power: supply: rt5033: Use devm_power_supply_register(…
|
NVD-CWE-noinfo
|
CVE-2024-44936
|
2024-09-6 02:53 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316414
|
7.8 |
HIGH
Local
|
overwolf
|
overwolf
|
A local privilege escalation is caused by Overwolf
loading and executing certain dynamic link library files from a user-writeable
folder in SYSTEM context on launch. This allows an attacker with unpr…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-7834
|
2024-09-6 02:52 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316415
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path
Dan Carpenter reported a Smack static checker w…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42307
|
2024-09-6 02:49 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316416
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: let's avoid panic if extent_tree is not created
This patch avoids the below panic.
pc : __lookup_extent_tree+0xd8/0x760
lr…
|
NVD-CWE-noinfo
|
CVE-2022-48877
|
2024-09-6 02:47 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316417
|
- |
|
-
|
-
|
A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component HTTP Request Handl…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-8462
|
2024-09-6 02:45 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316418
|
- |
|
-
|
-
|
SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.
|
-
|
CVE-2024-42885
|
2024-09-6 02:44 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316419
|
- |
|
-
|
-
|
itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via the "menu" parameter.
|
-
|
CVE-2024-44587
|
2024-09-6 02:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316420
|
9.8 |
CRITICAL
Network
|
multivendorx
|
multivendorx
|
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to an insufficient capab…
|
CWE-862
Missing Authorization
|
CVE-2024-8289
|
2024-09-6 02:41 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
