|
313201
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm, slub: avoid zeroing kmalloc redzone
Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra
allocated kmalloc spac…
|
NVD-CWE-noinfo
|
CVE-2024-49885
|
2024-11-13 23:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313202
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
resource: fix region_intersects() vs add_memory_driver_managed()
On a system with CXL memory, the resource tree (/proc/iomem) rel…
|
NVD-CWE-noinfo
|
CVE-2024-49878
|
2024-11-13 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313203
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/gup: fix memfd_pin_folios alloc race panic
If memfd_pin_folios tries to create a hugetlb page, but someone else
already did, t…
|
CWE-362
Race Condition
|
CVE-2024-49872
|
2024-11-13 23:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313204
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix a race between socket set up and I/O thread creation
In rxrpc_open_socket(), it sets up the socket and then sets up th…
|
CWE-362
Race Condition
|
CVE-2024-49864
|
2024-11-13 23:23 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313205
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btintel_pcie: Allocate memory for driver private data
Fix driver not allocating memory for struct btintel_data which i…
|
NVD-CWE-noinfo
|
CVE-2024-46869
|
2024-11-13 23:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313206
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: check if leafidx greater than num leaves per dmap tree
syzbot report a out of bounds in dbSplit, it because dmt_leafidx grea…
|
NVD-CWE-noinfo
|
CVE-2024-49902
|
2024-11-13 22:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313207
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
In sctp_listen_start() invoked by sctp_inet_listen(), it…
|
NVD-CWE-noinfo
|
CVE-2024-49944
|
2024-11-13 22:30 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313208
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
l2tp: prevent possible tunnel refcount underflow
When a session is created, it sets a backpointer to its tunnel. When
the session…
|
NVD-CWE-noinfo
|
CVE-2024-49940
|
2024-11-13 22:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313209
|
5.4 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id{} of the component Dashboard. The manipul…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-10761
|
2024-11-13 20:15 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313210
|
- |
|
-
|
-
|
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitrary code execution after a successful Man-In-The-Middle attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-8938
|
2024-11-13 14:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
