|
256411
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()`
When enabling UBSAN on Raspberry Pi 5, we get the following warning:
[ 3…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44993
|
2024-09-7 01:28 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256412
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rtla/osnoise: Prevent NULL dereference in error handling
If the "tool->data" allocation fails then there is no need to call
osnoi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45002
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256413
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gtp: pull network headers in gtp_dev_xmit()
syzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1]
We must make sure th…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-44999
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256414
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/netfs/fscache_cookie: add missing "n_accesses" check
This fixes a NULL pointer dereference bug due to a data race which
looks …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45000
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256415
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacke…
|
CWE-416
Use After Free
|
CVE-2024-45107
|
2024-09-7 01:26 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256416
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration
re-enumerating full-speed devices after a failed address …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45006
|
2024-09-7 01:26 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256417
|
5.3 |
MEDIUM
Network
|
trellix
|
intrusion_prevention_system_manager
|
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly
|
CWE-287
Improper Authentication
|
CVE-2024-5956
|
2024-09-7 01:25 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256418
|
7.5 |
HIGH
Network
|
trellix
|
intrusion_prevention_system_manager
|
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager.
|
CWE-287
Improper Authentication
|
CVE-2024-5957
|
2024-09-7 01:24 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256419
|
4.3 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpext_change_admin_name() funct…
|
CWE-862
Missing Authorization
|
CVE-2024-8121
|
2024-09-7 01:20 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256420
|
6.1 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.0.8 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8119
|
2024-09-7 01:11 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
