CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2022-48806 In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX Commit effa453168a7 ("i2c: i801: Don't silently correct invalid transfer si... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48807 In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler Currently, the same handler is called for both a NETDEV_BONDING_INFO LAG unl... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48810 In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path ip[6]mr_free_table() can only be called under RTNL lo... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48811 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state, it calls ... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48812 In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50079 In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work When the sqpoll is exiting and cancels pending work item... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48815 In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus u... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48816 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against ->sock changing during sysfs read ->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it... | 4.7 | MEDIUM | — | 0 |
| CVE-2022-48817 In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO b... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48818 In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48819 In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case syzbot found that mixing sendpage() and sendmsg(MSG_ZEROCOPY) calls ov... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-4554 Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1. | 7.3 | HIGH | — | 0 |
| CVE-2022-48821 In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioct... | 7.8 | HIGH | — | 0 |
| CVE-2022-48823 In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. [ 974.3090... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48825 In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stag_work to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48827 In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSET_MAX Dan Aloni reports: > Due to commit 8cfb9015280d ("NFS: Always provide aligned buffe... | 7.1 | HIGH | — | 0 |
| CVE-2022-48828 In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-47854 An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated u... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-48829 In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::ia_size is a loff_t, so these NFSv3 procedures must be carefu... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48830 In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consi... | 4.7 | MEDIUM | — | 0 |
| CVE-2022-48831 In the Linux kernel, the following vulnerability has been resolved: ima: fix reference leak in asymmetric_verify() Don't leak a reference to the key if its algorithm is unknown. | 5.5 | MEDIUM | — | 0 |
| CVE-2022-48832 In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 open_how::flags As reported by Jeff, dereferencing the openat2 sysca... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-4080 A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide... | 7.8 | HIGH | — | 0 |
| CVE-2022-48833 In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 ("b... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-40626 Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline... | 7.3 | HIGH | — | 0 |
| CVE-2024-6807 A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sscdms/clas... | 2.4 | LOW | — | 0 |
| CVE-2024-40642 The netty incubator codec.bhttp is a java language binary http parser. In affected versions the `BinaryHttpParser` class does not properly validate input values thus giving attackers almost complete c... | 8.1 | HIGH | — | 0 |
| CVE-2024-6281 A path traversal vulnerability exists in the `apply_settings` function of parisneo/lollms versions prior to 9.5.1. The `sanitize_path` function does not adequately secure the `discussion_db_name` para... | N/A | NONE | — | 0 |
| CVE-2024-4081 A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user w... | 7.8 | HIGH | — | 0 |
| CVE-2024-39702 In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive r... | 5.9 | MEDIUM | — | 0 |
| CVE-2024-36538 Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | 8.8 | HIGH | — | 0 |
| CVE-2024-40433 Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate privileges via the web-view component. | 8.8 | HIGH | — | 0 |
| CVE-2024-41018 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY). | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41021 In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception() There is no support for HWPOISON, MEMORY_FAILURE, or ARCH_HAS_COPY_MC on... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41026 In the Linux kernel, the following vulnerability has been resolved: mmc: davinci_mmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmi... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41029 In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nv... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41031 In the Linux kernel, the following vulnerability has been resolved: mm/filemap: skip to create PMD-sized page cache if needed On ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. The PM... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41032 In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-7219 A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The ma... | 7.3 | HIGH | — | 0 |
| CVE-2024-41043 In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: drop bogus WARN_ON Happens when rules get flushed/deleted while packet is out, so remove this WARN_ON.... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41045 In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpf_timer_cancel_and_free Currently, the same case as previous patch (two timer callbacks trying to cancel each... | 7.8 | HIGH | — | 0 |
| CVE-2024-41067 In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: handle RST lookup error correctly [BUG] When running btrfs/060 with forced RST feature, it would crash the following... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41082 In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in th... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-41086 In the Linux kernel, the following vulnerability has been resolved: bcachefs: Fix sb_field_downgrade validation - bch2_sb_downgrade_validate() wasn't checking for a downgrade entry extending past ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-6400 Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, I... | 7.5 | HIGH | — | 0 |
| CVE-2024-42088 In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai ... | 7.8 | HIGH | — | 0 |
| CVE-2024-42091 In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-28804 An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Stored Cross-site scripting (XSS) can occur via POST. | 7.1 | HIGH | — | 0 |
| CVE-2024-28805 An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control. | 9.1 | CRITICAL | — | 0 |
| CVE-2024-28806 An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path. | 7.5 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.