|
307301
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: fix uaf for accessing waker_bfqq after splitting
After commit 42c306ed7233 ("block, bfq: don't break merge chain in
b…
|
CWE-416
Use After Free
|
CVE-2024-49854
|
2024-10-24 01:29 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307302
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smack: tcp: ipv4, fix incorrect labeling
Currently, Smack mirrors the label of incoming tcp/ipv4 connections:
when a label 'foo' …
|
NVD-CWE-noinfo
|
CVE-2024-47659
|
2024-10-24 01:29 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307303
|
8.8 |
HIGH
Adjacent
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Goto_chidx of the file login.cgi of the component Fron…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-10194
|
2024-10-24 01:16 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307304
|
7.2 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of …
|
CWE-77
Command Injection
|
CVE-2024-10193
|
2024-10-24 01:16 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307305
|
5.3 |
MEDIUM
Network
|
stylemixthemes
|
cost_calculator_builder
|
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipula…
|
NVD-CWE-Other
|
CVE-2024-6010
|
2024-10-24 01:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307306
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Fix double free in OPTEE transport
Channels can be shared between protocols, avoid freeing the same channel
d…
|
CWE-415
Double Free
|
CVE-2024-49853
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307307
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()
The kref_put() function will call nport->release if the …
|
CWE-416
Use After Free
|
CVE-2024-49852
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307308
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: stm32/cryp - call finalize with bh disabled
The finalize operation in interrupt mode produce a produces a spinlock
recurs…
|
NVD-CWE-noinfo
|
CVE-2024-47658
|
2024-10-24 01:14 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307309
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
[Why & How]
It actually exposes '6' types in enum dmu…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46871
|
2024-10-24 01:10 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307310
|
5.3 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()
syzbot reports a f2fs bug as below:
------------[ cut here ]---…
|
CWE-362
Race Condition
|
CVE-2024-47689
|
2024-10-24 00:53 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
