|
310511
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: tun: Fix use-after-free in tun_detach()
syzbot reported use-after-free in tun_detach() [1]. This causes call
trace like bel…
|
CWE-416
Use After Free
|
CVE-2022-49014
|
2024-10-25 03:29 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310512
|
- |
|
-
|
-
|
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: thi…
|
-
|
CVE-2024-46257
|
2024-10-25 03:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310513
|
7.5 |
HIGH
Network
|
mfasoft
|
secure_authentication_server
|
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows re…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-46937
|
2024-10-25 02:35 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310514
|
7.5 |
HIGH
Network
|
opendaylight
|
authentication\
_authorization_and_accounting
|
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue con…
|
NVD-CWE-noinfo
|
CVE-2024-46943
|
2024-10-25 02:35 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310515
|
6.7 |
MEDIUM
Local
|
crucial
|
mx500_firmware
|
Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42642
|
2024-10-25 02:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310516
|
- |
|
-
|
-
|
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.
|
-
|
CVE-2024-46256
|
2024-10-25 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310517
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream'
This commit adds a null check for 'stream_st…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49912
|
2024-10-25 02:10 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310518
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe
This commit addresses a null pointer dereference …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49914
|
2024-10-25 02:09 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310519
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw
This commit addresses a potential null pointer dereference issue in …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49915
|
2024-10-25 02:08 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310520
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw
This commit addresses a potential null pointer d…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49916
|
2024-10-25 02:03 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
