|
312111
|
8.1 |
HIGH
Network
|
flowiseai
|
flowise
|
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restri…
|
CWE-287
Improper Authentication
|
CVE-2024-8181
|
2024-09-7 00:35 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312112
|
3.3 |
LOW
Local
|
samsung
|
android
|
Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.
|
NVD-CWE-noinfo
|
CVE-2024-34641
|
2024-09-7 00:27 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312113
|
9.8 |
CRITICAL
Network
|
hp
|
poly_clariti_manager_firmware
|
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls.
|
NVD-CWE-noinfo
|
CVE-2024-41912
|
2024-09-7 00:13 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312114
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
storvsc_queuecommand() maps the scatter/gather list using scsi_d…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48890
|
2024-09-7 00:11 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312115
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: sof-nau8825: fix module alias overflow
The maximum name length for a platform_device_id entry is 20 characters
inclu…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2022-48889
|
2024-09-7 00:08 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312116
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Remove rcu locks from user resources
User resource lookups used rcu to avoid two extra atomics. Unfortunately
the rcu…
|
NVD-CWE-noinfo
|
CVE-2022-48887
|
2024-09-6 23:55 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312117
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Memory request vulnerability in the memory management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-8298
|
2024-09-6 23:53 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312118
|
6.5 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-38321
|
2024-09-6 23:50 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312119
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ice: Add check for kzalloc
Add the check for the return value of kzalloc in order to avoid
NULL pointer dereference.
Moreover, us…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48886
|
2024-09-6 23:48 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312120
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ice: Fix potential memory leak in ice_gnss_tty_write()
The ice_gnss_tty_write() return directly if the write_buf alloc failed,
le…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48885
|
2024-09-6 23:46 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
