|
317001
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: fix UAF around queue destruction
We currently do stuff like queuing the final destruction step on a
random system wq, whi…
|
CWE-416
Use After Free
|
CVE-2024-49876
|
2024-10-25 04:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317002
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
s390/qeth: fix use-after-free in hsci
KASAN found that addr was dereferenced after br2dev_event_work was freed.
================…
|
CWE-416
Use After Free
|
CVE-2022-48954
|
2024-10-25 04:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317003
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC
Eric report a panic on IPPROTO_SMC, and give the facts
that when INET_PROTOSW…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50034
|
2024-10-25 04:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317004
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affecte…
|
NVD-CWE-noinfo
|
CVE-2024-20464
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317005
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
ios_xe_sd-wan
|
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote a…
|
NVD-CWE-noinfo
|
CVE-2024-20455
|
2024-10-25 04:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317006
|
5.8 |
MEDIUM
Network
|
cisco
|
ios
|
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote att…
|
NVD-CWE-noinfo
|
CVE-2024-20465
|
2024-10-25 04:46 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317007
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute comman…
|
CWE-352
Origin Validation Error
|
CVE-2024-20437
|
2024-10-25 04:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317008
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
[WHAT & HOW]
"dcn20_validate_apply_pipe_split_flags" dere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49923
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317009
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
Since commit 3f8ca2e115e5 ("vhost/scsi: Extract common handling code
fro…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49863
|
2024-10-25 04:43 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317010
|
- |
|
-
|
-
|
Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communica…
|
-
|
CVE-2024-50050
|
2024-10-25 04:35 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
