7.1
CVE-2024-57928 - netfs: Fix enomem handling in buffered reads
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix enomem handling in buffered reads If netfs_read_to_pagecache() gets an error from either ->prepare_read() or from netfs_prepare_read_iterator(), it needs to decrement ->nr_outstanding, cancel the subrequest and break o…
7.8
CVE-2024-57926 - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer needs to be set to NULL, otherwise KASAN complains about use-after-free. Because in mtk_drm_bind, all private's drm are set as foll…
5.5
CVE-2025-21653 - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shifting a 32-bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in net/sched/c…
5.3
CVE-2025-0561 - itsourcecode Farm Management System add-pig.php sql injection
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed…
7.5
CVE-2024-45662 - IBM Safer Payments denial of service
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
5.3
CVE-2024-47106 - IBM Jazz for Service Management information disclosure
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
8.1
CVE-2024-47113 - IBM ICP - Voice Gateway XML injection
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, and 1.0.8 could allow a remote attacker to send specially crafted XML statements, which would allow the attacker to view or modify information in the XML document.
5.3
CVE-2024-49354 - IBM Concert information disclosure
IBM Concert 1.0.0, 1.0.1, and 1.0.2 are vulnerable to sensitive information disclosure through specially crafted API calls.
6.5
CVE-2024-49824 - IBM Robotic Process Automation security bypass
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validatio…
6.7
CVE-2024-51448 - IBM Robotic Process Automation privilege escalation
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe …