|
313811
|
4.3 |
MEDIUM
Network
|
sap
|
shared_service_framework
|
SAP shared service framework allows an
authenticated non-administrative user to call a remote-enabled function, which
will allow them to insert value entries into a non-sensitive table, causing low
i…
|
CWE-862
Missing Authorization
|
CVE-2024-42377
|
2024-09-12 22:42 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313812
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
Syzkaller with UBSAN uncovered a scenario where a large…
|
NVD-CWE-noinfo
|
CVE-2022-48906
|
2024-09-12 22:41 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313813
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
During driver initialization, the pointer of card info, i.e. the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48908
|
2024-09-12 22:37 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313814
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix connection leak
There's a potential leak issue under following execution sequence :
smc_release smc_connect_wo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48909
|
2024-09-12 22:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313815
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
auxdisplay: lcd2s: Fix memory leak in ->remove()
Once allocated the struct lcd2s_data is never freed.
Fix the memory leak by swit…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48907
|
2024-09-12 22:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313816
|
5.3 |
MEDIUM
Network
|
sap
|
document_builder
|
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
|
CWE-862
Missing Authorization
|
CVE-2024-39591
|
2024-09-12 22:29 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313817
|
4.3 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate…
|
CWE-862
Missing Authorization
|
CVE-2024-41734
|
2024-09-12 22:28 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313818
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen/netfront: destroy queues before real_num_tx_queues is zeroed
xennet_destroy_queues() relies on info->netdev->real_num_tx_queu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48914
|
2024-09-12 22:27 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313819
|
5.4 |
MEDIUM
Network
|
sap
|
student_life_cycle_management
|
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a…
|
CWE-862
Missing Authorization
|
CVE-2024-42373
|
2024-09-12 22:26 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313820
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: fix possible use-after-free
Eric Dumazet says:
The sock_hold() side seems suspect, because there is no gua…
|
CWE-416
Use After Free
|
CVE-2022-48911
|
2024-09-12 22:24 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
