|
310801
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: nixge: fix NULL dereference
In function nixge_hw_dma_bd_release() dereference of NULL pointer
priv->rx_bd_v is pos…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-49019
|
2024-10-25 03:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310802
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
libbpf: Handle size overflow for ringbuf mmap
The maximum size of ringbuf is 2GB on x86-64 host, so 2 * max_entries
will overflow…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2022-49030
|
2024-10-25 03:42 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310803
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix sleep in atomic at close time
Matt reported a splat at msk close time:
BUG: sleeping function called from invalid…
|
CWE-667
Improper Locking
|
CVE-2022-49018
|
2024-10-25 03:38 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310804
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tipc: re-fetch skb cb after tipc_msg_validate
As the call trace shows, the original skb was freed in tipc_msg_validate(),
and der…
|
CWE-416
Use After Free
|
CVE-2022-49017
|
2024-10-25 03:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310805
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: mdiobus: fix unbalanced node reference count
I got the following report while doing device(mscc-miim) load test
with CONFIG_…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-49016
|
2024-10-25 03:35 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310806
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hsr: Fix potential use-after-free
The skb is delivered to netif_rx() which may free it, after calling this,
dereferencing sk…
|
CWE-416
Use After Free
|
CVE-2022-49015
|
2024-10-25 03:31 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310807
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: tun: Fix use-after-free in tun_detach()
syzbot reported use-after-free in tun_detach() [1]. This causes call
trace like bel…
|
CWE-416
Use After Free
|
CVE-2022-49014
|
2024-10-25 03:29 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310808
|
- |
|
-
|
-
|
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: thi…
|
-
|
CVE-2024-46257
|
2024-10-25 03:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310809
|
7.5 |
HIGH
Network
|
mfasoft
|
secure_authentication_server
|
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows re…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-46937
|
2024-10-25 02:35 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310810
|
7.5 |
HIGH
Network
|
opendaylight
|
authentication\
_authorization_and_accounting
|
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue con…
|
NVD-CWE-noinfo
|
CVE-2024-46943
|
2024-10-25 02:35 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
