9.8

CVSS3.1

CVE-2024-41649 -

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_.

πŸ“… Published: Dec. 6, 2024, midnight πŸ”„ Last Modified: Dec. 13, 2024, 8:13 p.m.

7.1

CVSS3.1

CVE-2024-41648 -

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller.

πŸ“… Published: Dec. 6, 2024, midnight πŸ”„ Last Modified: Dec. 13, 2024, 8:26 p.m.

3.8

CVSS3.1

CVE-2024-6219 -

Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.

πŸ“… Published: Dec. 5, 2024, 11:13 p.m. πŸ”„ Last Modified: Nov. 13, 2025, 3:06 p.m.

3.8

CVSS3.1

CVE-2024-6156 -

Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

πŸ“… Published: Dec. 5, 2024, 11:11 p.m. πŸ”„ Last Modified: Aug. 26, 2025, 5:22 p.m.

7.7

CVSS4.0

CVE-2024-52798 - path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade…

πŸ“… Published: Dec. 5, 2024, 10:45 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.7

CVSS3.1

CVE-2018-9391 -

In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges neede…

πŸ“… Published: Dec. 5, 2024, 10:25 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 5:18 p.m.

6.7

CVSS3.1

CVE-2018-9390 -

In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

πŸ“… Published: Dec. 5, 2024, 10:23 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 4:49 p.m.

7.8

CVSS3.1

CVE-2018-9388 -

In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege.

πŸ“… Published: Dec. 5, 2024, 10:22 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 4:50 p.m.

6.7

CVSS3.1

CVE-2018-9386 -

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

πŸ“… Published: Dec. 5, 2024, 10:20 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 4:51 p.m.

2.1

CVSS4.0

CVE-2024-54140 - sigstore-java has a vulnerability with bundle verification

sigstore-java is a sigstore java client for interacting with sigstore infrastructure. sigstore-java has insufficient verification for a situation where a bundle provides a invalid signature for a checkpoint. This bug impacts clients using any variation of KeylessVerifier.verify(). Currently checkpo…

πŸ“… Published: Dec. 5, 2024, 10:08 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 345151
Page 7207 of 34,516
Β« previous page Β» next page
Filters