|
307931
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix bridge mode operations when there are no VFs
Currently, trying to set the bridge mode attribute when numvfs=0 leads…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46857
|
2024-10-2 02:10 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307932
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()
If the __qcuefi pointer is not set, then in the original code, we wo…
|
CWE-667
Improper Locking
|
CVE-2024-46868
|
2024-10-2 02:09 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307933
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/client: fix deadlock in show_meminfo()
There is a real deadlock as well as sleeping in atomic() bug in here, if
the bo put…
|
CWE-667
Improper Locking
|
CVE-2024-46867
|
2024-10-2 02:09 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307934
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/client: add missing bo locking in show_meminfo()
bo_meminfo() wants to inspect bo state like tt and the ttm resource,
howe…
|
CWE-667
Improper Locking
|
CVE-2024-46866
|
2024-10-2 02:09 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307935
|
6.5 |
MEDIUM
Network
|
devolutions
|
devolutions_server
|
Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing inte…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6512
|
2024-10-2 01:36 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307936
|
9.8 |
CRITICAL
Network
|
doverfuelingsolutions
|
progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware
|
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full privileges by requesting the URL directly.
|
NVD-CWE-Other
|
CVE-2024-43692
|
2024-10-2 01:22 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307937
|
9.8 |
CRITICAL
Network
|
doverfuelingsolutions
|
progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware
|
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a remote attacker to inject arbitrary commands.
|
CWE-77
Command Injection
|
CVE-2024-45066
|
2024-10-2 01:18 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307938
|
8.8 |
HIGH
Network
|
doverfuelingsolutions
|
progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware
|
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
|
NVD-CWE-noinfo
|
CVE-2024-45373
|
2024-10-2 01:13 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307939
|
9.1 |
CRITICAL
Network
|
watchguard
|
single_sign-on_client
authentication_gateway
|
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Win…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6592
|
2024-10-2 01:06 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307940
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices
The probe() function is only used for DP83822 and DP83826 PHY,…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46856
|
2024-10-2 01:04 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
