|
309621
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros
Floating point instructions in userspace can crash some arm kernels
built …
|
NVD-CWE-noinfo
|
CVE-2024-47716
|
2024-10-24 23:34 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309622
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7996: use hweight16 to get correct tx antenna
The chainmask is u16 so using hweight8 cannot get correct tx_ant.
Wit…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47714
|
2024-10-24 23:33 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309623
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data
With the latest Linux-6.11-rc3, the below NULL pointer crash is…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47717
|
2024-10-24 23:32 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309624
|
9.8 |
CRITICAL
Network
|
tecno-mobile
|
4g_portable_wifi_tr118_firmware
|
A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goform_get_cm…
|
CWE-89
SQL Injection
|
CVE-2024-10195
|
2024-10-24 23:28 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309625
|
6.5 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to wait dio completion
It should wait all existing dio write IOs before block removal,
otherwise, previous direct write…
|
NVD-CWE-noinfo
|
CVE-2024-47726
|
2024-10-24 23:24 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309626
|
7.8 |
HIGH
Local
|
sangoma
|
certified_asterisk
asterisk
|
An issue was discovered in Sangoma Asterisk through 18.20.0, 19.x and 20.x through 20.5.0, and 21.x through 21.0.0, and Certified Asterisk through 18.9-cert5. In manager.c, the functions action_getco…
|
CWE-22
Path Traversal
|
CVE-2024-49215
|
2024-10-24 23:10 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309627
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
af_unix: Don't return OOB skb in manage_oob().
syzbot reported use-after-free in unix_stream_recv_urg(). [0]
The scenario is
…
|
CWE-416
Use After Free
|
CVE-2024-47711
|
2024-10-24 23:03 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309628
|
9.8 |
CRITICAL
Network
|
elecom
|
wab-i1750-ps_firmware
wab-s1167-ps_firmware
|
Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. By processing a specially crafted HTTP request, arbitrary code may be executed.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-43689
|
2024-10-24 23:02 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309629
|
7.5 |
HIGH
Network
|
wellchoose
|
administrative_management_system
|
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
|
CWE-22
Path Traversal
|
CVE-2024-10200
|
2024-10-24 22:57 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309630
|
7.2 |
HIGH
Network
|
total-soft
|
ts_poll
|
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
|
CWE-89
SQL Injection
|
CVE-2024-8625
|
2024-10-24 22:56 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
