|
307521
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
soc: qcom: pdr: protect locator_addr with the main mutex
If the service locator server is restarted fast enough, the PDR can
rewr…
|
CWE-667
Improper Locking
|
CVE-2024-43849
|
2024-10-25 01:02 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307522
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
Smatch report warning as follows:
drivers/hwmon/ibmpex.c:509 i…
|
CWE-416
Use After Free
|
CVE-2022-49029
|
2024-10-25 00:59 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307523
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ixgbevf: Fix resource leak in ixgbevf_init_module()
ixgbevf_init_module() won't destroy the workqueue created by
create_singlethr…
|
CWE-459
Incomplete Cleanup
|
CVE-2022-49028
|
2024-10-25 00:51 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307524
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
The cmd_buff needs to be freed …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48957
|
2024-10-24 23:41 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307525
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream
This commit addresses a null pointer derefere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49913
|
2024-10-24 23:39 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307526
|
7.2 |
HIGH
Network
|
princelycesar
|
hospital_management_system
|
SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
|
CWE-89
SQL Injection
|
CVE-2024-48657
|
2024-10-24 23:38 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307527
|
4.8 |
MEDIUM
Network
|
angeljudesuarez
|
student_management_system
|
Cross Site Scripting vulnerability in student management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48656
|
2024-10-24 23:37 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307528
|
9.8 |
CRITICAL
Network
|
brandonclark
|
sitebuilder_dynamic_components
|
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-49625
|
2024-10-24 23:37 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307529
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7915: fix oops on non-dbdc mt7986
mt7915_band_config() sets band_idx = 1 on the main phy for mt7986
with MT7975_ONE…
|
NVD-CWE-noinfo
|
CVE-2024-47715
|
2024-10-24 23:35 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307530
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros
Floating point instructions in userspace can crash some arm kernels
built …
|
NVD-CWE-noinfo
|
CVE-2024-47716
|
2024-10-24 23:34 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
