|
304551
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-51689. Reason: This candidate is a reservation duplicate of CVE-2024-51689. Notes: All CVE users should reference …
|
-
|
CVE-2024-10686
|
2024-11-15 03:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304552
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: fix crash when config small gso_max_size/gso_ipv4_max_size
Config a small gso_max_size/gso_ipv4_max_size will lead to an und…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-50258
|
2024-11-15 03:12 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304553
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: Fix use-after-free in get_info()
ip6table_nat module unload has refcnt warning for UAF. call trace is:
WARNING: CPU: …
|
CWE-416
Use After Free
|
CVE-2024-50257
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304554
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
I got a syzbot report without a repro [1] crashing in nf_send_…
|
NVD-CWE-noinfo
|
CVE-2024-50256
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304555
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50255
|
2024-11-15 03:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304556
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()
bpf_iter_bits_destroy() uses "kit->nr_bits <= 64" to check whethe…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50254
|
2024-11-15 03:09 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304557
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Check the validity of nr_words in bpf_iter_bits_new()
Check the validity of nr_words in bpf_iter_bits_new(). Without this
ch…
|
NVD-CWE-noinfo
|
CVE-2024-50253
|
2024-11-15 03:09 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304558
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
The device stores IPv6 addresses that are used for encaps…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50252
|
2024-11-15 03:08 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304559
|
5.3 |
MEDIUM
Network
|
sap
|
s\/4_hana
|
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutabl…
|
CWE-650
Trusting HTTP Permission Methods on the Server Side
|
CVE-2024-45282
|
2024-11-15 02:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304560
|
4.3 |
MEDIUM
Network
|
sap
|
hana-client
|
The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. T…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2024-45277
|
2024-11-15 02:54 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
