|
305731
|
7.8 |
HIGH
Local
|
trendmicro
|
antivirus_one
|
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
|
NVD-CWE-noinfo
|
CVE-2024-45334
|
2024-10-25 23:41 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305732
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: ensure the fw_info is not null before using it
This resolves the dereference null return value warning
reported by Co…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49890
|
2024-10-25 23:41 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305733
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down
In can327_feed_frame_to_netdev(), it did n…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-49008
|
2024-10-25 23:38 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305734
|
5.5 |
MEDIUM
Local
|
trendmicro
|
antivirus_one
|
Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detectio…
|
NVD-CWE-noinfo
|
CVE-2024-45335
|
2024-10-25 23:37 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305735
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid use-after-free in ext4_ext_show_leaf()
In ext4_find_extent(), path may be freed by error or be reallocated, so
using …
|
CWE-416
Use After Free
|
CVE-2024-49889
|
2024-10-25 23:37 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305736
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Initialize denominators' default to 1
[WHAT & HOW]
Variables used as denominators and maybe not assigned to othe…
|
CWE-369
Divide By Zero
|
CVE-2024-49899
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305737
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
Syzbot reported a null-ptr-deref bug:
NILFS (loop0): s…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-49007
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305738
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation
This commit addresses a potential index out…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49895
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305739
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check stream_status before it is used
[WHAT & HOW]
dc_state_get_stream_status can return null, and therefore nul…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49893
|
2024-10-25 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305740
|
8.7 |
HIGH
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. This can be leveraged to g…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47819
|
2024-10-25 23:24 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
