|
307031
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: avoid use-after-free in ext4_ext_show_leaf()
In ext4_find_extent(), path may be freed by error or be reallocated, so
using …
|
CWE-416
Use After Free
|
CVE-2024-49889
|
2024-10-25 23:37 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307032
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Initialize denominators' default to 1
[WHAT & HOW]
Variables used as denominators and maybe not assigned to othe…
|
CWE-369
Divide By Zero
|
CVE-2024-49899
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307033
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
Syzbot reported a null-ptr-deref bug:
NILFS (loop0): s…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-49007
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307034
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation
This commit addresses a potential index out…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49895
|
2024-10-25 23:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307035
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check stream_status before it is used
[WHAT & HOW]
dc_state_get_stream_status can return null, and therefore nul…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49893
|
2024-10-25 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307036
|
8.7 |
HIGH
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. This can be leveraged to g…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47819
|
2024-10-25 23:24 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307037
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
for_each_pci_dev() is implemented by pci_get_device(). The comm…
|
NVD-CWE-Other
|
CVE-2022-49002
|
2024-10-25 23:24 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307038
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: Sync efi page table's kernel mappings before switching
The EFI page table is initially created as a copy of the kernel pag…
|
NVD-CWE-noinfo
|
CVE-2022-49004
|
2024-10-25 23:21 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307039
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Fix bounds check for _sx controls
For _sx controls the semantics of the max field is not the usual one, max
is the num…
|
NVD-CWE-noinfo
|
CVE-2022-49005
|
2024-10-25 23:17 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307040
|
- |
|
-
|
-
|
Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292.
|
-
|
CVE-2024-47014
|
2024-10-25 23:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
