Lista CVE - 2024 / Ottobre
Visualizzazione 2401 - 2500 di 3570 CVE per Ottobre 2024 (Pagina 25 di 36)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-48953 | 2024-10-21 | rtc: cmos: Fix event handler registration ordering issue |
| CVE-2022-48954 | 2024-10-21 | s390/qeth: fix use-after-free in hsci |
| CVE-2022-48955 | 2024-10-21 | net: thunderbolt: fix memory leak in tbnet_open() |
| CVE-2022-48956 | 2024-10-21 | ipv6: avoid use-after-free in ip6_fragment() |
| CVE-2022-48957 | 2024-10-21 | dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() |
| CVE-2022-48958 | 2024-10-21 | ethernet: aeroflex: fix potential skb leak in greth_init_rings() |
| CVE-2022-48959 | 2024-10-21 | net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() |
| CVE-2022-48960 | 2024-10-21 | net: hisilicon: Fix potential use-after-free in hix5hd2_rx() |
| CVE-2022-48961 | 2024-10-21 | net: mdio: fix unbalanced fwnode reference count in mdio_device_release() |
| CVE-2022-48962 | 2024-10-21 | net: hisilicon: Fix potential use-after-free in hisi_femac_rx() |
| CVE-2022-48963 | 2024-10-21 | net: wwan: iosm: fix memory leak in ipc_mux_init() |
| CVE-2022-48964 | 2024-10-21 | ravb: Fix potential use-after-free in ravb_rx_gbeth() |
| CVE-2022-48965 | 2024-10-21 | gpio/rockchip: fix refcount leak in rockchip_gpiolib_register() |
| CVE-2022-48966 | 2024-10-21 | net: mvneta: Prevent out of bounds read in mvneta_config_rss() |
| CVE-2022-48967 | 2024-10-21 | NFC: nci: Bounds check struct nfc_target arrays |
| CVE-2022-48968 | 2024-10-21 | octeontx2-pf: Fix potential memory leak in otx2_init_tc() |
| CVE-2022-48969 | 2024-10-21 | xen-netfront: Fix NULL sring after live migration |
| CVE-2022-48970 | 2024-10-21 | af_unix: Get user_ns from in_skb in unix_diag_get_exact(). |
| CVE-2022-48971 | 2024-10-21 | Bluetooth: Fix not cleanup led when bt_init fails |
| CVE-2022-48972 | 2024-10-21 | mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() |
| CVE-2022-48973 | 2024-10-21 | gpio: amd8111: Fix PCI device reference count leak |
| CVE-2022-48974 | 2024-10-21 | netfilter: conntrack: fix using __this_cpu_add in preemptible |
| CVE-2022-48975 | 2024-10-21 | gpiolib: fix memory leak in gpiochip_setup_dev() |
| CVE-2022-48976 | 2024-10-21 | netfilter: flowtable_offload: fix using __this_cpu_add in preemptible |
| CVE-2022-48977 | 2024-10-21 | can: af_can: fix NULL pointer dereference in can_rcv_filter |
| CVE-2022-48978 | 2024-10-21 | HID: core: fix shift-out-of-bounds in hid_report_raw_event |
| CVE-2022-48979 | 2024-10-21 | drm/amd/display: fix array index out of bound error in DCN32 DML |
| CVE-2022-48980 | 2024-10-21 | net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() |
| CVE-2022-48981 | 2024-10-21 | drm/shmem-helper: Remove errant put in error path |
| CVE-2022-48982 | 2024-10-21 | Bluetooth: Fix crash when replugging CSR fake controllers |
| CVE-2022-48983 | 2024-10-21 | io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() |
| CVE-2022-48984 | 2024-10-21 | can: slcan: fix freed work crash |
| CVE-2022-48985 | 2024-10-21 | net: mana: Fix race on per-CQ variable napi work_done |
| CVE-2022-48986 | 2024-10-21 | mm/gup: fix gup_pud_range() for dax |
| CVE-2022-48987 | 2024-10-21 | media: v4l2-dv-timings.c: fix too strict blanking sanity checks |
| CVE-2022-48988 | 2024-10-21 | memcg: fix possible use-after-free in memcg_write_event_control() |
| CVE-2022-48989 | 2024-10-21 | fscache: Fix oops due to race with cookie_lru and use_cookie |
| CVE-2022-48990 | 2024-10-21 | drm/amdgpu: fix use-after-free during gpu recovery |
| CVE-2022-48991 | 2024-10-21 | mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths |
| CVE-2022-48992 | 2024-10-21 | ASoC: soc-pcm: Add NULL check in BE reparenting |
| CVE-2022-48994 | 2024-10-21 | ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event |
| CVE-2022-48995 | 2024-10-21 | Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() |
| CVE-2022-48996 | 2024-10-21 | mm/damon/sysfs: fix wrong empty schemes assumption under online tuning in damon_sysfs_set_schemes() |
| CVE-2022-48997 | 2024-10-21 | char: tpm: Protect tpm_pm_suspend with locks |
| CVE-2022-48998 | 2024-10-21 | powerpc/bpf/32: Fix Oops on tail call tests |
| CVE-2022-48999 | 2024-10-21 | ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference |
| CVE-2022-49000 | 2024-10-21 | iommu/vt-d: Fix PCI device refcount leak in has_external_pci() |
| CVE-2022-49001 | 2024-10-21 | riscv: fix race when vmap stack overflow |
| CVE-2022-49002 | 2024-10-21 | iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() |
| CVE-2022-49003 | 2024-10-21 | nvme: fix SRCU protection of nvme_ns_head list |
| CVE-2022-49004 | 2024-10-21 | riscv: Sync efi page table's kernel mappings before switching |
| CVE-2022-49005 | 2024-10-21 | ASoC: ops: Fix bounds check for _sx controls |
| CVE-2022-49006 | 2024-10-21 | tracing: Free buffers when a used dynamic event is removed |
| CVE-2022-49007 | 2024-10-21 | nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() |
| CVE-2022-49008 | 2024-10-21 | can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down |
| CVE-2022-49009 | 2024-10-21 | hwmon: (asus-ec-sensors) Add checks for devm_kcalloc |
| CVE-2022-49010 | 2024-10-21 | hwmon: (coretemp) Check for null before removing sysfs attrs |
| CVE-2022-49011 | 2024-10-21 | hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() |
| CVE-2022-49012 | 2024-10-21 | afs: Fix server->active leak in afs_put_server |
| CVE-2022-49013 | 2024-10-21 | sctp: fix memory leak in sctp_stream_outq_migrate() |
| CVE-2022-49014 | 2024-10-21 | net: tun: Fix use-after-free in tun_detach() |
| CVE-2022-49015 | 2024-10-21 | net: hsr: Fix potential use-after-free |
| CVE-2022-49016 | 2024-10-21 | net: mdiobus: fix unbalanced node reference count |
| CVE-2022-49017 | 2024-10-21 | tipc: re-fetch skb cb after tipc_msg_validate |
| CVE-2022-49018 | 2024-10-21 | mptcp: fix sleep in atomic at close time |
| CVE-2022-49019 | 2024-10-21 | net: ethernet: nixge: fix NULL dereference |
| CVE-2022-49020 | 2024-10-21 | net/9p: Fix a potential socket leak in p9_socket_open |
| CVE-2022-49021 | 2024-10-21 | net: phy: fix null-ptr-deref while probe() failed |
| CVE-2022-49022 | 2024-10-21 | wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration |
| CVE-2022-49023 | 2024-10-21 | wifi: cfg80211: fix buffer overflow in elem comparison |
| CVE-2022-49024 | 2024-10-21 | can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods |
| CVE-2022-49025 | 2024-10-21 | net/mlx5e: Fix use-after-free when reverting termination table |
| CVE-2022-49026 | 2024-10-21 | e100: Fix possible use after free in e100_xmit_prepare |
| CVE-2022-49027 | 2024-10-21 | iavf: Fix error handling in iavf_init_module() |
| CVE-2022-49028 | 2024-10-21 | ixgbevf: Fix resource leak in ixgbevf_init_module() |
| CVE-2022-49029 | 2024-10-21 | hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails |
| CVE-2022-49030 | 2024-10-21 | libbpf: Handle size overflow for ringbuf mmap |
| CVE-2022-49031 | 2024-10-21 | iio: health: afe4403: Fix oob read in afe4403_read_raw |
| CVE-2022-49032 | 2024-10-21 | iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw |
| CVE-2022-49033 | 2024-10-21 | btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() |
| CVE-2024-8901 | 2024-10-21 | Lack of JWT issuer and signer validation |
| CVE-2024-10125 | 2024-10-21 | Lack of JWT issuer and signer validation |
| CVE-2022-23861 | 2024-10-22 | Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that,... |
| CVE-2022-23862 | 2024-10-22 | A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the... |
| CVE-2024-26519 | 2024-10-22 | An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component. |
| CVE-2024-31029 | 2024-10-22 | An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. |
| CVE-2024-40493 | 2024-10-22 | Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP... |
| CVE-2024-40494 | 2024-10-22 | Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. |
| CVE-2024-42643 | 2024-10-22 | Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access. |
| CVE-2024-44331 | 2024-10-22 | Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. |
| CVE-2024-44812 | 2024-10-22 | SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component. |
| CVE-2024-45518 | 2024-10-22 | An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Side... |
| CVE-2024-45526 | 2024-10-22 | An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually. |
| CVE-2024-46240 | 2024-10-22 | Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file. |
| CVE-2024-46482 | 2024-10-22 | An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file. |
| CVE-2024-46483 | 2024-10-22 | Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. |
| CVE-2024-46538 | 2024-10-22 | A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php. |
| CVE-2024-48415 | 2024-10-22 | itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the lastname, firstname, middlename, address, contact_no, email and tax_id parameters in new borrowers... |
| CVE-2024-48570 | 2024-10-22 | Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php. |
| CVE-2024-48605 | 2024-10-22 | An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file. |