|
313571
|
7.2 |
HIGH
Network
|
cisco
|
rv340_dual_wan_gigabit_vpn_router_firmware
rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware
rv345_dual_wan_gigabit_vpn_router_firmware
rv345p_dual_wan_gigabit_poe_vpn_router_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute ar…
|
NVD-CWE-Other
|
CVE-2024-20470
|
2024-10-10 01:55 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313572
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ethtool: fail closed if we can't get max channel used in indirection tables
Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing…
|
NVD-CWE-noinfo
|
CVE-2024-46834
|
2024-10-10 00:57 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313573
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: void array out of bound when loop tnl_num
When query reg inf of SSU, it loops tnl_num times. However, tnl_num comes
fr…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46833
|
2024-10-10 00:54 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313574
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
This avoids warning:
[ 0.118053] BUG: sleeping functi…
|
NVD-CWE-noinfo
|
CVE-2024-46832
|
2024-10-10 00:51 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313575
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: aspeed_udc: validate endpoint index for ast udc
We should verify the bound of the array to assure that host
may not …
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46836
|
2024-10-10 00:47 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313576
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/panthor: Restrict high priorities on group_create
We were allowing any users to create a high priority group without any
perm…
|
NVD-CWE-noinfo
|
CVE-2024-46837
|
2024-10-10 00:37 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313577
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: don't BUG_ON() if khugepaged yanks our page table
Since khugepaged was changed to allow retracting page tables in fi…
|
NVD-CWE-noinfo
|
CVE-2024-46838
|
2024-10-10 00:35 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313578
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: s390: fix validity interception issue when gisa is switched off
We might run into a SIE validity if gisa has been disabled e…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45005
|
2024-10-10 00:30 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313579
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: dcp: fix leak of blob encryption key
Trusted keys unseal the key blob on load, but keep the sealed payload in
the …
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45004
|
2024-10-10 00:19 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313580
|
7.8 |
HIGH
Local
|
authenticator
|
authenticator
|
Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EV…
|
CWE-326
CWE-327
Inadequate Encryption Strength
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-45394
|
2024-10-10 00:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
