|
312831
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_socket: fix sk refcount leaks
We must put 'sk' reference before returning.
|
NVD-CWE-Other
|
CVE-2024-46855
|
2024-10-17 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312832
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
The panasonic laptop code in various places uses the SINF a…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46859
|
2024-10-17 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312833
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: Fix uaf in __timer_delete_sync
There are two paths to access mptcp_pm_del_add_timer, result in a race
condition:
…
|
CWE-416
Use After Free
|
CVE-2024-46858
|
2024-10-17 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312834
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dma-buf: heaps: Fix off-by-one in CMA heap fault handler
Until VM_DONTEXPAND was added in commit 1c1914d6e8c6 ("dma-buf: heaps:
D…
|
CWE-193
Off-by-one Error
|
CVE-2024-46852
|
2024-10-17 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312835
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Prevent unmapping active read buffers
The kms paths keep a persistent map active to read and compare the cursor
buffe…
|
NVD-CWE-noinfo
|
CVE-2024-46710
|
2024-10-17 23:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312836
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass permissions check in inode_setsecctx hook
Marek Gresko reports that the root user on an NFS client is…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-46695
|
2024-10-17 23:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312837
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()
The subs function argument may be NULL, so…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52904
|
2024-10-17 23:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312838
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Always drain health in shutdown callback
There is no point in recovery during device shutdown. if health
work started n…
|
-
|
CVE-2024-43866
|
2024-10-17 23:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312839
|
6.1 |
MEDIUM
Network
|
phpoffice
|
phpspreadsheet
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting (XSS) vulnerability due to imprope…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45060
|
2024-10-17 23:14 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312840
|
5.5 |
MEDIUM
Local
|
fortra
|
robot_schedule
|
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8264
|
2024-10-17 23:06 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
