|
303211
|
7.8 |
HIGH
Local
|
google
|
android
|
In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no a…
|
NVD-CWE-noinfo
|
CVE-2023-35659
|
2024-11-21 02:35 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303212
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend
We do not directly enable/disable VCN IRQ in vcn 5.0.0.
And we do not handl…
|
NVD-CWE-noinfo
|
CVE-2024-46820
|
2024-11-21 02:34 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303213
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: protect references to superblock parameters exposed in sysfs
The superblock buffers of nilfs2 can not only be overwritten…
|
NVD-CWE-noinfo
|
CVE-2024-46780
|
2024-11-21 02:31 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303214
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook
When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, t…
|
NVD-CWE-noinfo
|
CVE-2024-46789
|
2024-11-21 02:27 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303215
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is
normally call…
|
NVD-CWE-noinfo
|
CVE-2024-46825
|
2024-11-21 02:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303216
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ELF: fix kernel.randomize_va_space double read
ELF loader uses "randomize_va_space" twice. It is sysctl and can change
at any mom…
|
NVD-CWE-noinfo
|
CVE-2024-46826
|
2024-11-21 02:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303217
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability exis…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20525
|
2024-11-21 01:54 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303218
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability exis…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20530
|
2024-11-21 01:50 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303219
|
6.5 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side reques…
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2024-20531
|
2024-11-21 01:45 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303220
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_adaudit_plus
|
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
|
CWE-89
SQL Injection
|
CVE-2024-49574
|
2024-11-21 01:32 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
