|
313901
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix connection leak
There's a potential leak issue under following execution sequence :
smc_release smc_connect_wo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48909
|
2024-09-12 22:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313902
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
auxdisplay: lcd2s: Fix memory leak in ->remove()
Once allocated the struct lcd2s_data is never freed.
Fix the memory leak by swit…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48907
|
2024-09-12 22:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313903
|
5.3 |
MEDIUM
Network
|
sap
|
document_builder
|
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
|
CWE-862
Missing Authorization
|
CVE-2024-39591
|
2024-09-12 22:29 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313904
|
4.3 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user relate…
|
CWE-862
Missing Authorization
|
CVE-2024-41734
|
2024-09-12 22:28 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313905
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen/netfront: destroy queues before real_num_tx_queues is zeroed
xennet_destroy_queues() relies on info->netdev->real_num_tx_queu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48914
|
2024-09-12 22:27 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313906
|
5.4 |
MEDIUM
Network
|
sap
|
student_life_cycle_management
|
SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could a…
|
CWE-862
Missing Authorization
|
CVE-2024-42373
|
2024-09-12 22:26 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313907
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: fix possible use-after-free
Eric Dumazet says:
The sock_hold() side seems suspect, because there is no gua…
|
CWE-416
Use After Free
|
CVE-2022-48911
|
2024-09-12 22:24 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313908
|
- |
|
-
|
-
|
Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the …
|
-
|
CVE-2024-45857
|
2024-09-12 22:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313909
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix double list_add when enabling VMD in scalable mode
When enabling VMD and IOMMU scalable mode, the following kerne…
|
NVD-CWE-noinfo
|
CVE-2022-48916
|
2024-09-12 22:11 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313910
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
While the $val/$val2 values passed in from userspace are always >= …
|
NVD-CWE-noinfo
|
CVE-2022-48917
|
2024-09-12 22:07 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
