|
310781
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute comman…
|
CWE-352
Origin Validation Error
|
CVE-2024-20437
|
2024-10-25 04:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310782
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
[WHAT & HOW]
"dcn20_validate_apply_pipe_split_flags" dere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49923
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310783
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
Since commit 3f8ca2e115e5 ("vhost/scsi: Extract common handling code
fro…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49863
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310784
|
- |
|
-
|
-
|
Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communica…
|
-
|
CVE-2024-50050
|
2024-10-25 04:35 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310785
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix possible badness in FREE_STATEID
When multiple FREE_STATEIDs are sent for the same delegation stateid,
it can lead to a…
|
CWE-416
Use After Free
|
CVE-2024-50043
|
2024-10-25 04:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310786
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
i40e: Fix macvlan leak by synchronizing access to mac_filter_hash
This patch addresses a macvlan leak issue in the i40e driver ca…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50041
|
2024-10-25 04:31 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310787
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ravb: Fix potential use-after-free in ravb_rx_gbeth()
The skb is delivered to napi_gro_receive() which may free it, after calling…
|
CWE-416
Use After Free
|
CVE-2022-48964
|
2024-10-25 04:28 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310788
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: wwan: iosm: fix memory leak in ipc_mux_init()
When failed to alloc ipc_mux->ul_adb.pp_qlt in ipc_mux_init(), ipc_mux
is not …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48963
|
2024-10-25 04:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310789
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
The skb is delivered to napi_gro_receive() which may free it, aft…
|
CWE-416
Use After Free
|
CVE-2022-48962
|
2024-10-25 04:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310790
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
The skb is delivered to napi_gro_receive() which may free it, after
…
|
CWE-416
Use After Free
|
CVE-2022-48960
|
2024-10-25 04:24 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
