Lista CVE - 2024 / Agosto
Visualizzazione 1601 - 1700 di 2898 CVE per Agosto 2024 (Pagina 17 di 29)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-42294 | 2024-08-17 | block: fix deadlock between sd_remove & sd_release |
| CVE-2024-42295 | 2024-08-17 | nilfs2: handle inconsistent state in nilfs_btnode_create_block() |
| CVE-2024-42296 | 2024-08-17 | f2fs: fix return value of f2fs_convert_inline_inode() |
| CVE-2024-42297 | 2024-08-17 | f2fs: fix to don't dirty inode for readonly filesystem |
| CVE-2024-42298 | 2024-08-17 | ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value |
| CVE-2024-42299 | 2024-08-17 | fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed |
| CVE-2024-42300 | 2024-08-17 | erofs: fix race in z_erofs_get_gbuf() |
| CVE-2024-42301 | 2024-08-17 | dev/parport: fix the array out-of-bounds risk |
| CVE-2024-42302 | 2024-08-17 | PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal |
| CVE-2024-42303 | 2024-08-17 | media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() |
| CVE-2024-42304 | 2024-08-17 | ext4: make sure the first directory block is not a hole |
| CVE-2024-42305 | 2024-08-17 | ext4: check dot and dotdot of dx_root before making dir indexed |
| CVE-2024-42306 | 2024-08-17 | udf: Avoid using corrupted block bitmap buffer |
| CVE-2024-42307 | 2024-08-17 | cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path |
| CVE-2024-42309 | 2024-08-17 | drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes |
| CVE-2024-42310 | 2024-08-17 | drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes |
| CVE-2024-42311 | 2024-08-17 | hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() |
| CVE-2024-42312 | 2024-08-17 | sysctl: always initialize i_uid/i_gid |
| CVE-2024-42313 | 2024-08-17 | media: venus: fix use after free in vdec_close |
| CVE-2024-42314 | 2024-08-17 | btrfs: fix extent map use-after-free when adding pages to compressed bio |
| CVE-2024-42315 | 2024-08-17 | exfat: fix potential deadlock on __exfat_get_dentry_set |
| CVE-2024-42316 | 2024-08-17 | mm/mglru: fix div-by-zero in vmpressure_calc_level() |
| CVE-2024-42317 | 2024-08-17 | mm/huge_memory: avoid PMD-size page cache if needed |
| CVE-2024-42318 | 2024-08-17 | landlock: Don't lose track of restrictions on cred_transfer |
| CVE-2024-42319 | 2024-08-17 | mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() |
| CVE-2024-42320 | 2024-08-17 | s390/dasd: fix error checks in dasd_copy_pair_store() |
| CVE-2024-42321 | 2024-08-17 | net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE |
| CVE-2024-42322 | 2024-08-17 | ipvs: properly dereference pe in ip_vs_add_service |
| CVE-2024-43815 | 2024-08-17 | crypto: mxs-dcp - Ensure payload is zero when using key slot |
| CVE-2024-43816 | 2024-08-17 | scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages |
| CVE-2024-43817 | 2024-08-17 | net: missing check virtio |
| CVE-2024-43818 | 2024-08-17 | ASoC: amd: Adjust error handling in case of absent codec device |
| CVE-2024-43819 | 2024-08-17 | kvm: s390: Reject memory region operations for ucontrol VMs |
| CVE-2024-43820 | 2024-08-17 | dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume |
| CVE-2024-43821 | 2024-08-17 | scsi: lpfc: Fix a possible null pointer dereference |
| CVE-2024-43822 | 2024-08-17 | ASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe() |
| CVE-2024-43823 | 2024-08-17 | PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() |
| CVE-2024-43824 | 2024-08-17 | PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() |
| CVE-2024-43825 | 2024-08-17 | iio: Fix the sorting functionality in iio_gts_build_avail_time_table |
| CVE-2024-43826 | 2024-08-17 | nfs: pass explicit offset/count to trace events |
| CVE-2024-43827 | 2024-08-17 | drm/amd/display: Add null check before access structs |
| CVE-2024-43828 | 2024-08-17 | ext4: fix infinite loop when replaying fast_commit |
| CVE-2024-43829 | 2024-08-17 | drm/qxl: Add check for drm_cvt_mode |
| CVE-2024-43830 | 2024-08-17 | leds: trigger: Unregister sysfs attributes before calling deactivate() |
| CVE-2024-43831 | 2024-08-17 | media: mediatek: vcodec: Handle invalid decoder vsi |
| CVE-2024-43832 | 2024-08-17 | s390/uv: Don't call folio_wait_writeback() without a folio reference |
| CVE-2024-43833 | 2024-08-17 | media: v4l: async: Fix NULL pointer dereference in adding ancillary links |
| CVE-2024-43834 | 2024-08-17 | xdp: fix invalid wait context of page_pool_destroy() |
| CVE-2024-43835 | 2024-08-17 | virtio_net: Fix napi_skb_cache_put warning |
| CVE-2024-43836 | 2024-08-17 | net: ethtool: pse-pd: Fix possible null-deref |
| CVE-2024-43837 | 2024-08-17 | bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT |
| CVE-2024-43838 | 2024-08-17 | bpf: fix overflow check in adjust_jmp_off() |
| CVE-2024-43839 | 2024-08-17 | bna: adjust 'name' buf size of bna_tcb and bna_ccb structures |
| CVE-2024-43840 | 2024-08-17 | bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG |
| CVE-2024-43841 | 2024-08-17 | wifi: virt_wifi: avoid reporting connection success with wrong SSID |
| CVE-2024-43842 | 2024-08-17 | wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() |
| CVE-2024-43843 | 2024-08-17 | riscv, bpf: Fix out-of-bounds issue when preparing trampoline image |
| CVE-2024-43844 | 2024-08-17 | wifi: rtw89: wow: fix GTK offload H2C skbuff issue |
| CVE-2024-43845 | 2024-08-17 | udf: Fix bogus checksum computation in udf_rename() |
| CVE-2024-43846 | 2024-08-17 | lib: objagg: Fix general protection fault |
| CVE-2024-43847 | 2024-08-17 | wifi: ath12k: fix invalid memory access while processing fragmented packets |
| CVE-2024-43848 | 2024-08-17 | wifi: mac80211: fix TTLM teardown work |
| CVE-2024-43849 | 2024-08-17 | soc: qcom: pdr: protect locator_addr with the main mutex |
| CVE-2024-43850 | 2024-08-17 | soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove |
| CVE-2024-43851 | 2024-08-17 | soc: xilinx: rename cpu_number1 to dummy_cpu_number |
| CVE-2024-43852 | 2024-08-17 | hwmon: (ltc2991) re-order conditions to fix off by one bug |
| CVE-2024-43853 | 2024-08-17 | cgroup/cpuset: Prevent UAF in proc_cpuset_show() |
| CVE-2024-43854 | 2024-08-17 | block: initialize integrity buffer to zero before writing it to media |
| CVE-2024-43855 | 2024-08-17 | md: fix deadlock between mddev_suspend and flush bio |
| CVE-2024-43856 | 2024-08-17 | dma: fix call order in dmam_free_coherent |
| CVE-2024-43857 | 2024-08-17 | f2fs: fix null reference error when checking end of zone |
| CVE-2024-43858 | 2024-08-17 | jfs: Fix array-index-out-of-bounds in diFree |
| CVE-2024-43859 | 2024-08-17 | f2fs: fix to truncate preallocated blocks in f2fs_file_open() |
| CVE-2024-43860 | 2024-08-17 | remoteproc: imx_rproc: Skip over memory region when node value is NULL |
| CVE-2023-3419 | 2024-08-17 | tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection |
| CVE-2023-0714 | 2024-08-17 | Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload |
| CVE-2023-3416 | 2024-08-17 | tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection |
| CVE-2024-7703 | 2024-08-17 | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.37 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Upload |
| CVE-2024-7896 | 2024-08-17 | Tosei Online Store Management System ネット店舗管理システム p1_ftpserver.php command injection |
| CVE-2024-7897 | 2024-08-17 | Tosei Online Store Management System ネット店舗管理システム tosei_kikai.php command injection |
| CVE-2024-7898 | 2024-08-17 | Tosei Online Store Management System ネット店舗管理システム Backend default credentials |
| CVE-2024-7899 | 2024-08-17 | InnoCMS Backend edit code injection |
| CVE-2024-7900 | 2024-08-17 | xiaohe4966 TpMeCMS Basic Configuration config cross site scripting |
| CVE-2024-7901 | 2024-08-17 | Scada-LTS Message Scada cross site scripting |
| CVE-2024-7902 | 2024-08-17 | pkp ojs signOut redirect |
| CVE-2024-7903 | 2024-08-18 | DedeBIZ File Extension media_add.php unrestricted upload |
| CVE-2024-7904 | 2024-08-18 | DedeBIZ File Extension file_manage_control.php unrestricted upload |
| CVE-2024-7905 | 2024-08-18 | DedeBIZ archives_do.php AdminUpload unrestricted upload |
| CVE-2024-43353 | 2024-08-18 | WordPress myCred plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43352 | 2024-08-18 | WordPress GivingPress Lite theme <= 1.8.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43351 | 2024-08-18 | WordPress Bravada theme <= 1.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43349 | 2024-08-18 | WordPress All Bootstrap Blocks plugin <= 1.3.19 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43348 | 2024-08-18 | WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43347 | 2024-08-18 | WordPress Button contact VR plugin <= 4.7.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43346 | 2024-08-18 | WordPress Modal Window – create popup modal window plugin <= 6.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43344 | 2024-08-18 | WordPress Icegram Engage – Ultimate WP Popup Builder, Lead Generation, Optins, and CTA plugin <= 3.1.25 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43342 | 2024-08-18 | WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43276 | 2024-08-18 | WordPress Child Theme Creator by Orbisius plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-7906 | 2024-08-18 | DedeBIZ Attachment Settings select_images_post.php get_mime_type unrestricted upload |
| CVE-2024-39666 | 2024-08-18 | WordPress WooCommerce plugin <= 9.1.2 - Cross Site Scripting (XSS) vulnerability |