6.3
CVE-2024-36039 - python-pymysql: SQL injection if used with untrusted JSON input
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
5.5
CVE-2023-52734 - kernel: net: sched: sch: Bounds check priority
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
4.4
CVE-2023-52878 - can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds. If the "struct can_priv::echo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning …
5.5
CVE-2023-52877 - usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm(). It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as shown below. [9122…
5.5
CVE-2023-52876 - clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data. Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
5.5
CVE-2023-52875 - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data. Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
5.5
CVE-2023-52873 - clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data. Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
7.8
CVE-2023-52867 - drm/radeon: possible buffer overflow
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow. Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access.
7.1
CVE-2023-52866 - HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks(). When CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and then the below user-memory-access bug occurs. In hid_test_uclogic_pa…
4.1
CVE-2023-52862 - drm/amd/display: Fix null pointer dereference in error message
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message. This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. The original message includes the DC …