|
315871
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix handling of cached open files in nfsd4_open codepath
Commit fb70bf124b05 ("NFSD: Instantiate a struct file when creatin…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52909
|
2024-09-12 23:52 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315872
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/msm: another fix for the headless Adreno GPU
Fix another oops reproducible when rebooting the board with the Adreno
GPU worki…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52911
|
2024-09-12 23:49 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315873
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/iova: Fix alloc iova overflows issue
In __alloc_and_insert_iova_range, there is an issue that retry_pfn
overflows. The valu…
|
NVD-CWE-noinfo
|
CVE-2023-52910
|
2024-09-12 23:47 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315874
|
6.3 |
MEDIUM
Local
|
sap
|
netweaver_abap
netweaver_java
content_server
web_dispatcher
|
Due to the missing authorization checks in the
local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application
Server (ABAP and Java), and SAP Content Server can impersonate other use…
|
CWE-862
Missing Authorization
|
CVE-2024-33005
|
2024-09-12 23:39 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315875
|
- |
|
-
|
-
|
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for FRP state. This could lead to local escalation of privilege with no additional execution privileges n…
|
-
|
CVE-2024-40650
|
2024-09-12 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315876
|
- |
|
-
|
-
|
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution pri…
|
-
|
CVE-2024-23716
|
2024-09-12 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315877
|
- |
|
-
|
-
|
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell comma…
|
-
|
CVE-2024-8504
|
2024-09-12 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315878
|
- |
|
-
|
-
|
Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL injection vulnerability via the parid parameter at /fx/baseinfo/SearchInfo.
|
-
|
CVE-2024-43040
|
2024-09-12 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315879
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fixed bug on error when unloading amdgpu
Fixed bug on error when unloading amdgpu.
The error message is as follows:
…
|
NVD-CWE-noinfo
|
CVE-2023-52912
|
2024-09-12 23:35 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315880
|
9.0 |
CRITICAL
Network
|
beckhoff
|
twincat\/bsd
ipc_diagnostics_package
|
The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker.
|
CWE-79
Cross-site Scripting
|
CVE-2024-41174
|
2024-09-12 23:33 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
