9.8
CVE-2024-34994 -
In the module "Channable" (channable) up to version 3.2.1 from Channable for PrestaShop, a guest can perform SQL injection via `ChannableFeedModuleFrontController::postProcess()`.
7.1
CVE-2021-47604 - vduse: check that offset is within bounds in get_config()
In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset > dev->config_size". The problem is that since both va…
4.4
CVE-2024-38559 - scsi: qedf: Ensure the copied buf is NUL terminated
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is t…
7.5
CVE-2024-36680 -
In the module "Facebook" (pkfacebook) <=1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php has a sensitive SQL call that can be executed with a trivial HTTP call and exploited to forge a SQL injection.
5.5
CVE-2021-47607 - bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] BPF_R0 = cmpxchg…
5.5
CVE-2024-38602 - ax25: Fix reference count leak issues of ax25_dev
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The reference count of …
5.3
CVE-2024-38582 - nilfs2: fix potential hang in nilfs_detach_log_writer()
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfs_detach_log_writer() Syzbot has reported a potential hang in nilfs_detach_log_writer() called during nilfs2 unmount. Analysis revealed that this is because nilfs_segctor_sync(), which synchroni…
0.0
CVE-2021-47574 - kernel: xen/netfront: harden netfront against event channel storms
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2021-47575 - kernel: xen/console: harden hvc_xen against event channel storms
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks
In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b ("eth: sungem: remove .ndo_poll_controller to avoid deadlocks"). The root cause of…