|
310981
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook
When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, t…
|
NVD-CWE-noinfo
|
CVE-2024-46789
|
2024-11-21 02:27 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310982
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is
normally call…
|
NVD-CWE-noinfo
|
CVE-2024-46825
|
2024-11-21 02:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310983
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ELF: fix kernel.randomize_va_space double read
ELF loader uses "randomize_va_space" twice. It is sysctl and can change
at any mom…
|
NVD-CWE-noinfo
|
CVE-2024-46826
|
2024-11-21 02:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310984
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability exis…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20525
|
2024-11-21 01:54 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310985
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability exis…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20530
|
2024-11-21 01:50 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310986
|
6.5 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side reques…
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2024-20531
|
2024-11-21 01:45 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310987
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
|
CWE-89
SQL Injection
|
CVE-2024-49574
|
2024-11-21 01:32 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310988
|
8.8 |
HIGH
Network
|
zte
|
nh8091_firmware
|
ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute…
|
NVD-CWE-noinfo
|
CVE-2024-22067
|
2024-11-21 01:24 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310989
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/hdcp: Add encoder check in hdcp2_get_capability
Add encoder check in intel_hdcp2_get_capability to avoid
null pointer er…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-53050
|
2024-11-21 01:17 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310990
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
Sometimes during hotplug scenario or suspend/resume scenario encode…
|
NVD-CWE-noinfo
|
CVE-2024-53051
|
2024-11-21 01:16 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
