Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2024-1441 An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending ... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-0047 In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This could lead to local denial of service when policies are deseriali... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-0053 In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional ex... | 3.3 | LOW | β | 0 |
| CVE-2023-52490 In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash ... | 5.5 | MEDIUM | β | 0 |
| CVE-2023-52492 In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure,... | 4.4 | MEDIUM | β | 0 |
| CVE-2024-0559 The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-1279 The Paid Memberships Pro WordPress plugin before 2.12.9 does not prevent user with at least the contributor role from leaking other users' sensitive metadata. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-1487 The Photos and Files Contest Gallery WordPress plugin before 21.3.1 does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting a... | 5.4 | MEDIUM | β | 0 |
| CVE-2024-26608 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbd_nl_policy Similar to a reported issue (check the commit b33fb5b801c6 ("net: qualcomm: rmnet: fix gl... | 7.8 | HIGH | β | 0 |
| CVE-2024-26612 In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). ... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-26614 In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following iss... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-22005 there is a possible Authentication Bypass due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed... | 8.4 | HIGH | β | 0 |
| CVE-2024-22006 OOB read in the TMU plugin that allows for memory disclosure in the power management subsystem of the device. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-22007 In constraint_check of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User... | 6.2 | MEDIUM | β | 0 |
| CVE-2024-22008 In config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges nee... | 7.8 | HIGH | β | 0 |
| CVE-2024-22009 In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti... | 7.1 | HIGH | β | 0 |
| CVE-2024-22010 In dvfs_plugin_caller of fvp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. Us... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-22011 In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional executio... | 7.5 | HIGH | β | 0 |
| CVE-2024-25984 In dumpBatteryDefend of dump_power.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges ne... | 6.2 | MEDIUM | β | 0 |
| CVE-2024-25985 In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti... | 8.4 | HIGH | β | 0 |
| CVE-2024-25986 In ppmp_unprotect_buf of drm_fw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execu... | 7.8 | HIGH | β | 0 |
| CVE-2024-25987 In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User i... | 6.7 | MEDIUM | β | 0 |
| CVE-2024-25988 In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution ... | 8.4 | HIGH | β | 0 |
| CVE-2024-25989 In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privil... | 5.9 | MEDIUM | β | 0 |
| CVE-2024-25990 In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execut... | 6.4 | MEDIUM | β | 0 |
| CVE-2024-25991 In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges n... | 3.3 | LOW | β | 0 |
| CVE-2024-28666 DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php | 5.5 | MEDIUM | β | 0 |
| CVE-2024-25992 In tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User ... | 7.8 | HIGH | β | 0 |
| CVE-2024-25993 In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges neede... | 8.4 | HIGH | β | 0 |
| CVE-2024-27204 In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. ... | 8.4 | HIGH | β | 0 |
| CVE-2024-27205 there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo... | 8.4 | HIGH | β | 0 |
| CVE-2024-27206 there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed fo... | 7.5 | HIGH | β | 0 |
| CVE-2024-27207 Exported broadcast receivers allowing malicious apps to bypass broadcast protection. | 9.1 | CRITICAL | β | 0 |
| CVE-2024-27208 there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f... | 8.4 | HIGH | β | 0 |
| CVE-2024-27209 there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f... | 8.4 | HIGH | β | 0 |
| CVE-2024-27210 In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User i... | 7.8 | HIGH | β | 0 |
| CVE-2024-27211 In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User i... | 7.7 | HIGH | β | 0 |
| CVE-2024-27212 In init_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti... | 7.8 | HIGH | β | 0 |
| CVE-2024-27213 In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remote Code Execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges... | 8.4 | HIGH | β | 0 |
| CVE-2024-27219 In tmu_set_pi of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User int... | 8.4 | HIGH | β | 0 |
| CVE-2024-27220 In lpm_req_handler of , there is a possible out of bounds memory access due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. ... | 8.4 | HIGH | β | 0 |
| CVE-2024-27221 In update_policy_data of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User ... | 7.8 | HIGH | β | 0 |
| CVE-2024-27222 In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalat... | 7.8 | HIGH | β | 0 |
| CVE-2024-27223 In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after auth... | 5.1 | MEDIUM | β | 0 |
| CVE-2024-28667 DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php | 6.1 | MEDIUM | β | 0 |
| CVE-2024-27224 In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User in... | 7.8 | HIGH | β | 0 |
| CVE-2024-27225 In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. Us... | 4.4 | MEDIUM | β | 0 |
| CVE-2024-27226 In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Us... | 8.4 | HIGH | β | 0 |
| CVE-2024-27228 there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for explo... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27229 In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution... | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.