Total
29092 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-47051 | 1 Linux | 1 Linux Kernel | 2024-12-09 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. Fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2023-52387 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | N/A | 7.5 HIGH |
Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2024-42156 | 1 Linux | 1 Linux Kernel | 2024-12-09 | N/A | 4.1 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. | |||||
CVE-2023-29931 | 1 Laravels Project | 1 Laravels | 2024-12-06 | N/A | 9.8 CRITICAL |
laravel-s 3.7.35 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php. | |||||
CVE-2022-45287 | 1 Temenos | 1 Cwx | 2024-12-06 | N/A | 8.8 HIGH |
An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administrative commands. | |||||
CVE-2020-36782 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2020-36778 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2020-36784 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_sync will increment pm usage counter even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2020-36783 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2020-36781 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pm_runtime_get_sync fails In i2c_imx_xfer() and i2c_imx_remove(), the pm reference count is not expected to be incremented on return. However, pm_runtime_get_sync will increment pm reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2020-36779 | 1 Linux | 1 Linux Kernel | 2024-12-06 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in these stm32f7_i2c_xx serious functions. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
CVE-2024-49580 | 1 Jetbrains | 1 Ktor | 2024-12-06 | N/A | 5.3 MEDIUM |
In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure | |||||
CVE-2021-31635 | 1 Jfinal | 1 Jfinal | 2024-12-05 | N/A | 9.8 CRITICAL |
Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function. | |||||
CVE-2023-36664 | 3 Artifex, Debian, Fedoraproject | 3 Ghostscript, Debian Linux, Fedora | 2024-12-05 | N/A | 7.8 HIGH |
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). | |||||
CVE-2023-34672 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2024-12-05 | N/A | 8.8 HIGH |
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases. | |||||
CVE-2021-30205 | 1 Dzzoffice | 1 Dzzoffice | 2024-12-05 | N/A | 5.3 MEDIUM |
Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames. | |||||
CVE-2023-32553 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-12-04 | N/A | 5.3 MEDIUM |
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552. | |||||
CVE-2023-32552 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-12-04 | N/A | 5.3 MEDIUM |
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553 | |||||
CVE-2023-32528 | 1 Trendmicro | 1 Mobile Security | 2024-12-04 | N/A | 8.8 HIGH |
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527. | |||||
CVE-2023-32527 | 1 Trendmicro | 1 Mobile Security | 2024-12-04 | N/A | 8.8 HIGH |
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. |