CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2024-7475 An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of aut... | 9.1 | CRITICAL | — | 0 |
| CVE-2024-48569 Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ ... | 5.4 | MEDIUM | — | 0 |
| CVE-2024-10559 A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function Details. The manipulation of the argument passport/... | 5.3 | MEDIUM | — | 0 |
| CVE-2024-50354 gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot o... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-10035 Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Special Elements used in a Command ('Command Injection'), Improper Neutralization of Special Elements used in an O... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-58126 Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM position to intercept traffic. | 4.8 | MEDIUM | — | 0 |
| CVE-2024-48463 Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51500 Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resul... | 5.3 | MEDIUM | — | 0 |
| CVE-2024-50091 In the Linux kernel, the following vulnerability has been resolved: dm vdo: don't refer to dedupe_context after releasing it Clear the dedupe_context pointer in a data_vio whenever ownership of the ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50092 In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, th... | 3.3 | LOW | — | 0 |
| CVE-2024-50094 In the Linux kernel, the following vulnerability has been resolved: sfc: Don't invoke xdp_do_flush() from netpoll. Yury reported a crash in the sfc driver originated from netpoll_send_udp(). The net... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50107 In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounma... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50097 In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms (such as i.MX25 and i.MX27) do not support PTP, so on these pl... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50100 In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50102 In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canon... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50104 In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from th... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50105 In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream all... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-58127 Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in MitM position to intercept traffic. | 4.8 | MEDIUM | — | 0 |
| CVE-2024-50109 In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is set... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50111 In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled cont... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50112 In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as descr... | 7.8 | HIGH | — | 0 |
| CVE-2024-50113 In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50118 In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (de... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50119 In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 fre... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50122 In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race be... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50123 In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap... | 7.1 | HIGH | — | 0 |
| CVE-2024-10969 A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login_process.php of ... | 7.3 | HIGH | — | 0 |
| CVE-2024-50129 In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. Th... | 7.8 | HIGH | — | 0 |
| CVE-2024-50132 In the Linux kernel, the following vulnerability has been resolved: tracing/probes: Fix MAX_TRACE_ARGS limit handling When creating a trace_probe we would set nr_args prior to truncating the argumen... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50135 In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, theref... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-50139 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kern... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50140 In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-40619 Bookgy does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to reach private areas and/or area... | 7.5 | HIGH | — | 0 |
| CVE-2024-50144 In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending t... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50158 In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats... | 7.8 | HIGH | — | 0 |
| CVE-2024-50161 In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining info_cnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50165 In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be f... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-52313 An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by dir... | 4.3 | MEDIUM | — | 0 |
| CVE-2024-50166 In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50169 In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50170 In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapp... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50172 In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-52314 A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs in data.all via CloudWatch log ... | 4.9 | MEDIUM | — | 0 |
| CVE-2024-50173 In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50174 In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the inter... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-50175 In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw Da... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50177 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursor_width is explicity set to 0, this cause... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50178 In the Linux kernel, the following vulnerability has been resolved: cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() Use raw_smp_processor_id() instead of plain smp_processor_i... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50190 In the Linux kernel, the following vulnerability has been resolved: ice: fix memleak in ice_init_tx_topology() Fix leak of the FW blob (DDP pkg). Make ice_cfg_tx_topo() const-correct, so ice_init_t... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-50197 In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in device_for_each_child_node() The device_for_each_child_node() loop requires calls to f... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.