8.4
CVE-2023-52070 -
JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have beeβ¦
5.5
CVE-2024-28345 -
An issue discovered in Sipwise C5 NGCP Dashboard below mr11.5.1 allows a low privileged user to access the Journal endpoint by directly visit the URL.
5.5
CVE-2021-47183 - scsi: lpfc: Fix link down processing to address NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL pointer dereferencβ¦
5.5
CVE-2021-47206 - usb: host: ohci-tmio: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
0.0
CVE-2024-30719 -
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.
8.8
CVE-2024-29269 -
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
9.1
CVE-2024-23080 - joda-time: Null pointer exeption may lead to DoS
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBased(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission mayβ¦
0.0
CVE-2024-29445 -
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.
9
CVE-2024-3120 - Stack-Buffer Overflow in 'Content-Length' and 'Warning' Header Processing in sngrep
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnβ¦
9
CVE-2024-3119 - Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dβ¦