6.5

CVSS3.1

CVE-2023-44038 -

In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users via an LDAP injection attack.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 16, 2025, 3:03 p.m.

9.1

CVSS3.1

CVE-2024-25864 -

Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2024-26762 - cxl/pci: Skip to handle RAS errors if CXL.mem device is detached

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from an AER event, the …

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:55 a.m.

5.5

CVSS3.1

CVE-2024-26702 - iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

In the Linux kernel, the following vulnerability has been resolved: iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC Recently, we encounter kernel crash in function rm3100_common_probe caused by out of bound access of array rm3100_samp_rates (because of underl…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:54 a.m.

5.5

CVSS3.1

CVE-2024-26767 - drm/amd/display: fixed integer types and null check locations

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

5.5

CVSS3.1

CVE-2024-26691 - KVM: arm64: Fix circular locking dependency

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while already holding the vc…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: Dec. 20, 2025, 8:51 a.m.

5.5

CVSS3.1

CVE-2024-26728 - drm/amd/display: fix null-pointer dereference on edid reading

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer derefence that happens when running igt@kms_force_connector_basic in a system with DCN2.1 an…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:55 a.m.

7.8

CVSS3.1

CVE-2024-26724 - net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers I managed to hit following use after free warning recently: [ 2169.711665] ================================================================== [ 2169.7…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:54 a.m.

5.5

CVSS3.1

CVE-2024-26737 - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_cancel(); spin_lock…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:55 a.m.

5.5

CVSS3.1

CVE-2024-26727 - btrfs: do not ASSERT() if the newly created subvolume already got read

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() if the newly created subvolume already got read [BUG] There is a syzbot crash, triggered by the ASSERT() during subvolume creation: assertion failed: !anon_dev, in fs/btrfs/disk-io.c:1319 ------------[ c…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 12:54 p.m.
Total resulsts: 349182
Page 10461 of 34,919
Β« previous page Β» next page
Filters