|
250831
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading
The handler of firmware …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47721
|
2024-10-24 05:57 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250832
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func
This commit adds a null check for the set_…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47720
|
2024-10-24 05:53 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250833
|
5.4 |
MEDIUM
Network
|
hasthemes
|
wp_education
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HT Plugins WP Education allows Stored XSS.This issue affects WP Education: from n/a throug…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49630
|
2024-10-24 05:44 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250834
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()
syzbot reports a f2fs bug as below:
__dump_stack lib/dump_stack.c:88…
|
CWE-416
Use After Free
|
CVE-2024-47691
|
2024-10-24 05:42 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250835
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Use reserved copy engine for user binds on faulting devices
User binds map to engines with can fault, faults depend on us…
|
NVD-CWE-noinfo
|
CVE-2024-47729
|
2024-10-24 05:40 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250836
|
9.8 |
CRITICAL
Network
|
piyushmca
|
shipyaari_shipping_management
|
Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-49626
|
2024-10-24 05:37 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250837
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error
For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT}…
|
CWE-459
Incomplete Cleanup
|
CVE-2024-47728
|
2024-10-24 05:36 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250838
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/tdx: Fix "in-kernel MMIO" check
TDX only supports kernel-initiated MMIO operations. The handle_mmio()
function checks if the …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-47727
|
2024-10-24 05:32 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250839
|
8.1 |
HIGH
Network
|
jsbroks
|
coco_annotator
|
A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the component Session Handler. The manipulation of the argument SECRE…
|
NVD-CWE-Other
|
CVE-2024-10141
|
2024-10-24 05:27 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250840
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
Not doing so will make us send a host command to the transport while t…
|
NVD-CWE-noinfo
|
CVE-2024-47673
|
2024-10-24 05:19 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
