7.1

CVSS3.1

CVE-2024-57945 - riscv: mm: Fix the out of bound issue of vmemmap address

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Fix the out of bound issue of vmemmap address In sparse vmemmap model, the virtual address of vmemmap is calculated as: ((struct page *)VMEMMAP_START - (phys_ram_base >> PAGE_SHIFT)). And the struct page's va can be ca…

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

5.5

CVSS3.1

CVE-2024-57932 - gve: guard XDP xmit NDO on existence of xdp queues

In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on existence of xdp queues In GVE, dedicated XDP queues only exist when an XDP program is installed and the interface is up. As such, the NDO XDP XMIT callback should return early if either of these condit…

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: Sept. 26, 2025, 7:10 p.m.

6.5

CVSS3.1

CVE-2023-37037 -

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `S1Setup Request` packet missing an expected `Supported TAs` field.

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: March 18, 2025, 2:15 p.m.

7.5

CVSS3.1

CVE-2023-37032 -

A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an oversized `Emergency Number…

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: March 13, 2025, 3:15 p.m.

5.7

CVSS3.1

CVE-2023-37027 -

Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modification Indication` packet missing an expected `eNB_UE_S1AP_ID` f…

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: March 18, 2025, 8:15 p.m.

5.5

CVSS3.1

CVE-2024-57360 - binutils: nm: potential segmentation fault when displaying symbols without version info

https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function.

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-24445 -

OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsuppo…

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2024-48392 -

OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into user email due to lack of input validation, which could lead to account takeover.

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: Sept. 30, 2025, 9:01 p.m.

9.8

CVSS3.1

CVE-2024-24421 -

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted NAS packet.

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: July 3, 2025, 12:47 a.m.

4.8

CVSS3.1

CVE-2024-55958 -

Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6.

πŸ“… Published: Jan. 21, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 344690
Page 6586 of 34,469
Β« previous page Β» next page
Filters