|
309521
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisati…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50239
|
2024-11-15 01:59 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309522
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
r…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50238
|
2024-11-15 01:58 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309523
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail to properly authorize the requests to /api/v4/channels which allows a User or System Manager, with "R…
|
CWE-863
Incorrect Authorization
|
CVE-2024-42000
|
2024-11-15 01:48 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309524
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels…
|
NVD-CWE-noinfo
|
CVE-2024-52032
|
2024-11-15 01:47 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309525
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Initialize struct nfsd4_copy earlier
Ensure the refcount and async_copies fields are initialized early.
cleanup_async_copy(…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50241
|
2024-11-15 01:45 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309526
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
Avoid potentially crashing in the driver because of unini…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50237
|
2024-11-15 01:42 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309527
|
- |
|
-
|
-
|
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2…
|
-
|
CVE-2024-44337
|
2024-11-15 01:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309528
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath10k: Fix memory leak in management tx
In the current logic, memory is allocated for storing the MSDU context
during mana…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50236
|
2024-11-15 01:29 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309529
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fork: only invoke khugepaged, ksm hooks if no error
There is no reason to invoke these hooks early against an mm that is in an
in…
|
NVD-CWE-noinfo
|
CVE-2024-50263
|
2024-11-15 01:23 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309530
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
riscv/purgatory: align riscv_kernel_entry
When alignment handling is delegated to the kernel, everything must be
word-aligned in …
|
-
|
CVE-2024-43868
|
2024-11-15 01:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
