|
314721
|
5.3 |
MEDIUM
Network
|
hp
|
instantos
|
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results…
|
NVD-CWE-noinfo
|
CVE-2024-42397
|
2024-08-24 00:06 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314722
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6 fail to properly validate synced reactions, when shared channels are enabled, which allows a malicious remote to create arbitrary reactions on arbit…
|
NVD-CWE-noinfo
|
CVE-2024-29977
|
2024-08-23 23:52 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314723
|
6.4 |
MEDIUM
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to disallow the modification of local users when syncing users in shared channels. which allows a malicious rem…
|
NVD-CWE-noinfo
|
CVE-2024-36492
|
2024-08-23 23:51 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314724
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to properly validate that the channel that comes from the sync message is a shared channel, when shared chan…
|
NVD-CWE-noinfo
|
CVE-2024-39274
|
2024-08-23 23:39 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314725
|
9.6 |
CRITICAL
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to disallow unsolicited invites to expose access to local channels, when shared channels are enabled, which …
|
NVD-CWE-noinfo
|
CVE-2024-39777
|
2024-08-23 23:36 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314726
|
8.7 |
HIGH
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abu…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-39832
|
2024-08-23 23:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314727
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/cma: Do not change route.addr.src_addr outside state checks
If the state is not idle then resolve_prepare_src() should immed…
|
CWE-416
Use After Free
|
CVE-2022-48925
|
2024-08-23 11:07 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314728
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iio: adc: tsc2046: fix memory corruption by preventing array overflow
On one side we have indio_dev->num_channels includes all ph…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-48927
|
2024-08-23 11:05 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314729
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: rndis: add spinlock for rndis response list
There's no lock for rndis response list. It could cause list corruption
…
|
NVD-CWE-noinfo
|
CVE-2022-48926
|
2024-08-23 11:05 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314730
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix crash due to out of bounds access into reg2btf_ids.
When commit e6ac2450d6de ("bpf: Support bpf program calling kernel f…
|
CWE-125
Out-of-bounds Read
|
CVE-2022-48929
|
2024-08-23 11:00 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
