|
313351
|
5.0 |
MEDIUM
Network
|
sap
|
crm_abap_insights_management
|
SAP CRM ABAP (Insights
Management) allows an authenticated attacker to enumerate HTTP endpoints in the
internal network by specially crafting HTTP requests. On successful
exploitation this can result…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-41737
|
2024-09-12 22:49 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313352
|
4.3 |
MEDIUM
Network
|
sap
|
business_objects_business_intelligence_platform
|
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful exploitatio…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-42375
|
2024-09-12 22:46 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313353
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ibmvnic: free reset-work-item when flushing
Fix a tiny memory leak when flushing the reset work queue.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48905
|
2024-09-12 22:44 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313354
|
6.5 |
MEDIUM
Network
|
sap
|
shared_service_framework
|
SAP Shared Service Framework does not perform necessary
authorization check for an authenticated user, resulting in escalation of
privileges. On successful exploitation, an attacker can cause a high …
|
CWE-862
Missing Authorization
|
CVE-2024-42376
|
2024-09-12 22:43 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313355
|
4.3 |
MEDIUM
Network
|
sap
|
shared_service_framework
|
SAP shared service framework allows an
authenticated non-administrative user to call a remote-enabled function, which
will allow them to insert value entries into a non-sensitive table, causing low
i…
|
CWE-862
Missing Authorization
|
CVE-2024-42377
|
2024-09-12 22:42 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313356
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
Syzkaller with UBSAN uncovered a scenario where a large…
|
NVD-CWE-noinfo
|
CVE-2022-48906
|
2024-09-12 22:41 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313357
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
During driver initialization, the pointer of card info, i.e. the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48908
|
2024-09-12 22:37 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313358
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix connection leak
There's a potential leak issue under following execution sequence :
smc_release smc_connect_wo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48909
|
2024-09-12 22:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313359
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
auxdisplay: lcd2s: Fix memory leak in ->remove()
Once allocated the struct lcd2s_data is never freed.
Fix the memory leak by swit…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48907
|
2024-09-12 22:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313360
|
5.3 |
MEDIUM
Network
|
sap
|
document_builder
|
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
|
CWE-862
Missing Authorization
|
CVE-2024-39591
|
2024-09-12 22:29 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
