Lista CVE - 2024 / Dicembre
Visualizzazione 2901 - 3000 di 3433 CVE per Dicembre 2024 (Pagina 30 di 35)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-11921 | 2024-12-27 | Give < 3.19.0 - Reflected XSS |
| CVE-2024-12982 | 2024-12-27 | PHPGurukul Blood Bank & Donor Management System update-contactinfo.php cross site scripting |
| CVE-2024-12983 | 2024-12-27 | code-projects Hospital Management System Edit Doctor Details Page manage-doctors.php cross site scripting |
| CVE-2020-9080 | 2024-12-27 | There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to... |
| CVE-2020-9081 | 2024-12-27 | There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the... |
| CVE-2020-9082 | 2024-12-27 | There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB... |
| CVE-2020-9085 | 2024-12-27 | There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter... |
| CVE-2020-9086 | 2024-12-27 | There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value,... |
| CVE-2020-9089 | 2024-12-27 | There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to... |
| CVE-2024-3393 | 2024-12-27 | PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet |
| CVE-2020-9210 | 2024-12-27 | There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware.... |
| CVE-2020-9211 | 2024-12-27 | There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause... |
| CVE-2020-9222 | 2024-12-27 | There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate... |
| CVE-2020-9236 | 2024-12-27 | There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to... |
| CVE-2020-9253 | 2024-12-27 | There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to... |
| CVE-2020-1818 | 2024-12-27 | There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur... |
| CVE-2020-1819 | 2024-12-27 | There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur... |
| CVE-2024-53164 | 2024-12-27 | net: sched: fix ordering of qlen adjustment |
| CVE-2022-49034 | 2024-12-27 | sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK |
| CVE-2024-53165 | 2024-12-27 | sh: intc: Fix use-after-free bug in register_intc_controller() |
| CVE-2024-53166 | 2024-12-27 | block, bfq: fix bfqq uaf in bfq_limit_depth() |
| CVE-2024-53167 | 2024-12-27 | nfs/blocklayout: Don't attempt unregister for invalid block device |
| CVE-2024-53168 | 2024-12-27 | sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket |
| CVE-2024-53169 | 2024-12-27 | nvme-fabrics: fix kernel crash while shutting down controller |
| CVE-2024-53170 | 2024-12-27 | block: fix uaf for flush rq while iterating tags |
| CVE-2024-53171 | 2024-12-27 | ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit |
| CVE-2024-53172 | 2024-12-27 | ubi: fastmap: Fix duplicate slab cache names while attaching |
| CVE-2024-53173 | 2024-12-27 | NFSv4.0: Fix a use-after-free problem in the asynchronous open() |
| CVE-2024-53174 | 2024-12-27 | SUNRPC: make sure cache entry active before cache_show |
| CVE-2024-53175 | 2024-12-27 | ipc: fix memleak if msg_init_ns failed in create_ipc_ns |
| CVE-2024-53176 | 2024-12-27 | smb: During unmount, ensure all cached dir instances drop their dentry |
| CVE-2024-53177 | 2024-12-27 | smb: prevent use-after-free due to open_cached_dir error paths |
| CVE-2024-53178 | 2024-12-27 | smb: Don't leak cfid when reconnect races with open_cached_dir |
| CVE-2024-53179 | 2024-12-27 | smb: client: fix use-after-free of signing key |
| CVE-2024-53180 | 2024-12-27 | ALSA: pcm: Add sanity NULL check for the default mmap fault handler |
| CVE-2024-53181 | 2024-12-27 | um: vector: Do not use drvdata in release |
| CVE-2024-53182 | 2024-12-27 | Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" |
| CVE-2024-53183 | 2024-12-27 | um: net: Do not use drvdata in release |
| CVE-2024-53184 | 2024-12-27 | um: ubd: Do not use drvdata in release |
| CVE-2024-53185 | 2024-12-27 | smb: client: fix NULL ptr deref in crypto_aead_setkey() |
| CVE-2024-53186 | 2024-12-27 | ksmbd: fix use-after-free in SMB request handling |
| CVE-2024-53187 | 2024-12-27 | io_uring: check for overflows in io_pin_pages |
| CVE-2024-53188 | 2024-12-27 | wifi: ath12k: fix crash when unbinding |
| CVE-2024-53189 | 2024-12-27 | wifi: nl80211: fix bounds checker error in nl80211_parse_sched_scan |
| CVE-2024-53190 | 2024-12-27 | wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures |
| CVE-2024-53191 | 2024-12-27 | wifi: ath12k: fix warning when unbinding |
| CVE-2024-53192 | 2024-12-27 | clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access |
| CVE-2024-53193 | 2024-12-27 | clk: clk-loongson2: Fix memory corruption bug in struct loongson2_clk_provider |
| CVE-2024-53194 | 2024-12-27 | PCI: Fix use-after-free of slot->bus on hot remove |
| CVE-2024-53195 | 2024-12-27 | KVM: arm64: Get rid of userspace_irqchip_in_use |
| CVE-2024-53196 | 2024-12-27 | KVM: arm64: Don't retire aborted MMIO instruction |
| CVE-2024-53197 | 2024-12-27 | ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices |
| CVE-2024-53198 | 2024-12-27 | xen: Fix the issue of resource not being properly released in xenbus_dev_probe() |
| CVE-2024-53199 | 2024-12-27 | ASoC: imx-audmix: Add NULL check in imx_audmix_probe |
| CVE-2024-53200 | 2024-12-27 | drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp |
| CVE-2024-53201 | 2024-12-27 | drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe |
| CVE-2024-53202 | 2024-12-27 | firmware_loader: Fix possible resource leak in fw_log_firmware_info() |
| CVE-2024-53203 | 2024-12-27 | usb: typec: fix potential array underflow in ucsi_ccg_sync_control() |
| CVE-2024-53204 | 2024-12-27 | phy: realtek: usb: fix NULL deref in rtk_usb3phy_probe |
| CVE-2024-53205 | 2024-12-27 | phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe |
| CVE-2024-53206 | 2024-12-27 | tcp: Fix use-after-free of nreq in reqsk_timer_handler(). |
| CVE-2024-53207 | 2024-12-27 | Bluetooth: MGMT: Fix possible deadlocks |
| CVE-2024-53208 | 2024-12-27 | Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync |
| CVE-2024-53209 | 2024-12-27 | bnxt_en: Fix receive ring space parameters when XDP is active |
| CVE-2024-53210 | 2024-12-27 | s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() |
| CVE-2024-53211 | 2024-12-27 | net/l2tp: fix warning in l2tp_exit_net found by syzbot |
| CVE-2024-53212 | 2024-12-27 | netlink: fix false positive warning in extack during dumps |
| CVE-2024-53213 | 2024-12-27 | net: usb: lan78xx: Fix double free issue with interrupt buffer allocation |
| CVE-2024-53214 | 2024-12-27 | vfio/pci: Properly hide first-in-list PCIe extended capability |
| CVE-2024-53215 | 2024-12-27 | svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() |
| CVE-2024-53216 | 2024-12-27 | nfsd: release svc_expkey/svc_export with rcu_work |
| CVE-2024-53217 | 2024-12-27 | NFSD: Prevent NULL dereference in nfsd4_process_cb_update() |
| CVE-2024-53218 | 2024-12-27 | f2fs: fix race in concurrent f2fs_stop_gc_thread |
| CVE-2024-53219 | 2024-12-27 | virtiofs: use pages instead of pointer for kernel direct IO |
| CVE-2024-53220 | 2024-12-27 | f2fs: fix to account dirty data in __get_secs_required() |
| CVE-2024-53221 | 2024-12-27 | f2fs: fix null-ptr-deref in f2fs_submit_page_bio() |
| CVE-2024-53222 | 2024-12-27 | zram: fix NULL pointer in comp_algorithm_show() |
| CVE-2024-53223 | 2024-12-27 | clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs |
| CVE-2024-53224 | 2024-12-27 | RDMA/mlx5: Move events notifier registration to be after device registration |
| CVE-2024-53225 | 2024-12-27 | iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift |
| CVE-2024-53226 | 2024-12-27 | RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() |
| CVE-2024-53227 | 2024-12-27 | scsi: bfa: Fix use-after-free in bfad_im_module_exit() |
| CVE-2024-53228 | 2024-12-27 | riscv: kvm: Fix out-of-bounds array access |
| CVE-2024-53229 | 2024-12-27 | RDMA/rxe: Fix the qp flush warnings in req |
| CVE-2024-53230 | 2024-12-27 | cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() |
| CVE-2024-53231 | 2024-12-27 | cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() |
| CVE-2024-53232 | 2024-12-27 | iommu/s390: Implement blocking domain |
| CVE-2024-53233 | 2024-12-27 | unicode: Fix utf8_load() error path |
| CVE-2024-53234 | 2024-12-27 | erofs: handle NONHEAD !delta[1] lclusters gracefully |
| CVE-2024-53235 | 2024-12-27 | erofs: fix file-backed mounts over FUSE |
| CVE-2024-53236 | 2024-12-27 | xsk: Free skb when TX metadata options are invalid |
| CVE-2024-53237 | 2024-12-27 | Bluetooth: fix use-after-free in device_for_each_child() |
| CVE-2024-53238 | 2024-12-27 | Bluetooth: btmtk: adjust the position to init iso data anchor |
| CVE-2024-53239 | 2024-12-27 | ALSA: 6fire: Release resources at card release |
| CVE-2024-56531 | 2024-12-27 | ALSA: caiaq: Use snd_card_free_when_closed() at disconnection |
| CVE-2024-56532 | 2024-12-27 | ALSA: us122l: Use snd_card_free_when_closed() at disconnection |
| CVE-2024-56533 | 2024-12-27 | ALSA: usx2y: Use snd_card_free_when_closed() at disconnection |
| CVE-2024-56534 | 2024-12-27 | isofs: avoid memory leak in iocharset |
| CVE-2024-56535 | 2024-12-27 | wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() |
| CVE-2024-56536 | 2024-12-27 | wifi: cw1200: Fix potential NULL dereference |