|
256011
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
Syzkaller with UBSAN uncovered a scenario where a large…
|
NVD-CWE-noinfo
|
CVE-2022-48906
|
2024-09-12 22:41 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256012
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
During driver initialization, the pointer of card info, i.e. the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48908
|
2024-09-12 22:37 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256013
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix connection leak
There's a potential leak issue under following execution sequence :
smc_release smc_connect_wo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48909
|
2024-09-12 22:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256014
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
auxdisplay: lcd2s: Fix memory leak in ->remove()
Once allocated the struct lcd2s_data is never freed.
Fix the memory leak by swit…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48907
|
2024-09-12 22:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256015
|
5.3 |
MEDIUM
Network
|
sap
|
document_builder
|
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
|
CWE-862
Missing Authorization
|
CVE-2024-39591
|
2024-09-12 22:29 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256016
|
4.3 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate…
|
CWE-862
Missing Authorization
|
CVE-2024-41734
|
2024-09-12 22:28 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256017
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen/netfront: destroy queues before real_num_tx_queues is zeroed
xennet_destroy_queues() relies on info->netdev->real_num_tx_queu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48914
|
2024-09-12 22:27 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256018
|
5.4 |
MEDIUM
Network
|
sap
|
student_life_cycle_management
|
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a…
|
CWE-862
Missing Authorization
|
CVE-2024-42373
|
2024-09-12 22:26 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256019
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: fix possible use-after-free
Eric Dumazet says:
The sock_hold() side seems suspect, because there is no gua…
|
CWE-416
Use After Free
|
CVE-2022-48911
|
2024-09-12 22:24 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256020
|
- |
|
-
|
-
|
Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the …
|
-
|
CVE-2024-45857
|
2024-09-12 22:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
