|
311381
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ar0521: Use cansleep version of gpiod_set_value()
If we use GPIO reset from I2C port expander, we must use *_cansleep…
|
NVD-CWE-noinfo
|
CVE-2024-49961
|
2024-11-8 04:22 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311382
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: fix memfd_pin_folios free_huge_pages leak
memfd_pin_folios followed by unpin_folios fails to restore free_huge_pages
…
|
NVD-CWE-Other
|
CVE-2024-49964
|
2024-11-8 04:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311383
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
static_call: Replace pointless WARN_ON() in static_call_module_notify()
static_call_module_notify() triggers a WARN_ON(), when me…
|
NVD-CWE-noinfo
|
CVE-2024-49954
|
2024-11-8 04:16 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311384
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice
The km.state is not checked in driver's delayed work. When
xfr…
|
CWE-672
Operation on a Resource after Expiration or Release
|
CVE-2024-49953
|
2024-11-8 02:44 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311385
|
- |
|
-
|
-
|
An issue was discovered in the IhisiServiceSmm module in Insyde InsydeH2O with kernel 5.2 before 05.28.42, 5.3 before 05.37.42, 5.4 before 05.45.39, 5.5 before 05.53.39, and 5.6 before 05.60.39 that …
|
-
|
CVE-2023-28149
|
2024-11-8 02:35 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311386
|
4.8 |
MEDIUM
Network
|
agendaless
|
waitress
|
Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recv_bytes (defaults to 8192) long, followed by a secondary request using HTTP…
|
CWE-444
CWE-367
HTTP Request Smuggling
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-49768
|
2024-11-8 02:28 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311387
|
2.7 |
LOW
Network
|
nirmata
|
kyverno
|
Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By des…
|
CWE-863
Incorrect Authorization
|
CVE-2024-48921
|
2024-11-8 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311388
|
9.8 |
CRITICAL
Network
|
servicenow
|
servicenow
|
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context…
|
CWE-94
Code Injection
|
CVE-2024-8923
|
2024-11-8 02:18 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311389
|
7.5 |
HIGH
Network
|
servicenow
|
servicenow
|
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. Serv…
|
CWE-89
SQL Injection
|
CVE-2024-8924
|
2024-11-8 02:16 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311390
|
7.8 |
HIGH
Local
|
autodesk
|
autocad_architecture
autocad_electrical
autocad_mechanical
autocad_mep
autocad_plant_3d
civil_3d
advance_steel
autocad
|
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cau…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8587
|
2024-11-8 02:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
