7.1

CVSS3.1

CVE-2024-26673 - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a mandatory attribut…

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:53 a.m.

7.1

CVSS3.1

CVE-2024-26665 - tunnels: fix out of bounds access when building IPv6 PMTU error

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of size 4 at addr ffff…

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:53 a.m.

5.1

CVSS3.1

CVE-2024-25075 -

An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription with a very low MaxNotificationPerPublish parameter is created, a publish response is mishandled, leading to memory consumption. When that happens often enough, the device will be out of memory, i.e., a denial …

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2023-52632 - drm/amdkfd: Fix lock dependency warning with srcu

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted -----------------------------------…

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 7:40 a.m.

8.8

CVSS3.1

CVE-2024-29514 -

File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file.

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 1, 2025, 3:06 p.m.

5.5

CVSS3.1

CVE-2024-26668 - netfilter: nft_limit: reject configurations that cause integer overflow

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its better to reject this…

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:53 a.m.

4.7

CVSS3.1

CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(), wa…

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: Jan. 5, 2026, 10:34 a.m.

8.8

CVSS3.1

CVE-2024-30965 -

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php.

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: April 1, 2025, 6:05 p.m.

5.5

CVSS3.1

CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error()

In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning.

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 12:54 p.m.

9.8

CVSS3.1

CVE-2024-29432 -

Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.

πŸ“… Published: April 2, 2024, midnight πŸ”„ Last Modified: April 30, 2025, 4:47 p.m.
Total resulsts: 349182
Page 10482 of 34,919
Β« previous page Β» next page
Filters