CVE List - 2024 / May
Showing 3901 - 4000 of 4994 CVEs for May 2024 (Page 40 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-52790 | 2024-05-21 | swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC |
| CVE-2023-52791 | 2024-05-21 | i2c: core: Run atomic i2c xfer when !preemptible |
| CVE-2023-52792 | 2024-05-21 | cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails |
| CVE-2023-52794 | 2024-05-21 | thermal: intel: powerclamp: fix mismatch in get function for max_idle |
| CVE-2023-52795 | 2024-05-21 | vhost-vdpa: fix use after free in vhost_vdpa_probe() |
| CVE-2023-52796 | 2024-05-21 | ipvlan: add ipvlan_route_v6_outbound() helper |
| CVE-2023-52797 | 2024-05-21 | drivers: perf: Check find_first_bit() return value |
| CVE-2023-52798 | 2024-05-21 | wifi: ath11k: fix dfs radar event locking |
| CVE-2023-52799 | 2024-05-21 | jfs: fix array-index-out-of-bounds in dbFindLeaf |
| CVE-2023-52800 | 2024-05-21 | wifi: ath11k: fix htt pktlog locking |
| CVE-2023-52801 | 2024-05-21 | iommufd: Fix missing update of domains_itree after splitting iopt_area |
| CVE-2023-52803 | 2024-05-21 | SUNRPC: Fix RPC client cleaned up the freed pipefs dentries |
| CVE-2023-52804 | 2024-05-21 | fs/jfs: Add validity check for db_maxag and db_agpref |
| CVE-2023-52805 | 2024-05-21 | jfs: fix array-index-out-of-bounds in diAlloc |
| CVE-2023-52806 | 2024-05-21 | ALSA: hda: Fix possible null-ptr-deref when assigning a stream |
| CVE-2023-52807 | 2024-05-21 | net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs |
| CVE-2023-52808 | 2024-05-21 | scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs |
| CVE-2023-52809 | 2024-05-21 | scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() |
| CVE-2023-52810 | 2024-05-21 | fs/jfs: Add check for negative db_l2nbperpage |
| CVE-2023-52811 | 2024-05-21 | scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool |
| CVE-2023-52812 | 2024-05-21 | drm/amd: check num of link levels when update pcie param |
| CVE-2023-52813 | 2024-05-21 | crypto: pcrypt - Fix hungtask for PADATA_RESET |
| CVE-2023-52814 | 2024-05-21 | drm/amdgpu: Fix potential null pointer derefernce |
| CVE-2023-52815 | 2024-05-21 | drm/amdgpu/vkms: fix a possible null pointer dereference |
| CVE-2023-52816 | 2024-05-21 | drm/amdkfd: Fix shift out-of-bounds issue |
| CVE-2023-52817 | 2024-05-21 | drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL |
| CVE-2023-52818 | 2024-05-21 | drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 |
| CVE-2023-52819 | 2024-05-21 | drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga |
| CVE-2023-52821 | 2024-05-21 | drm/panel: fix a possible null pointer dereference |
| CVE-2023-52825 | 2024-05-21 | drm/amdkfd: Fix a race condition of vram buffer unref in svm code |
| CVE-2023-52826 | 2024-05-21 | drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference |
| CVE-2023-52827 | 2024-05-21 | wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() |
| CVE-2023-52828 | 2024-05-21 | bpf: Detect IP == ksym.end as part of BPF program |
| CVE-2023-52829 | 2024-05-21 | wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() |
| CVE-2023-52831 | 2024-05-21 | cpu/hotplug: Don't offline the last non-isolated CPU |
| CVE-2023-52832 | 2024-05-21 | wifi: mac80211: don't return unset power in ieee80211_get_tx_power() |
| CVE-2023-52833 | 2024-05-21 | Bluetooth: btusb: Add date->evt_skb is NULL check |
| CVE-2023-52834 | 2024-05-21 | atl1c: Work around the DMA RX overflow issue |
| CVE-2023-52835 | 2024-05-21 | perf/core: Bail out early if the request AUX area is out of bound |
| CVE-2023-52836 | 2024-05-21 | locking/ww_mutex/test: Fix potential workqueue corruption |
| CVE-2023-52837 | 2024-05-21 | nbd: fix uaf in nbd_open |
| CVE-2023-52838 | 2024-05-21 | fbdev: imsttfb: fix a resource leak in probe |
| CVE-2023-52839 | 2024-05-21 | drivers: perf: Do not broadcast to other cpus when starting a counter |
| CVE-2023-52840 | 2024-05-21 | Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() |
| CVE-2023-52841 | 2024-05-21 | media: vidtv: mux: Add check and kfree for kstrdup |
| CVE-2023-52842 | 2024-05-21 | virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() |
| CVE-2023-52843 | 2024-05-21 | llc: verify mac len before reading mac header |
| CVE-2023-52844 | 2024-05-21 | media: vidtv: psi: Add check for kstrdup |
| CVE-2023-52845 | 2024-05-21 | tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING |
| CVE-2023-52846 | 2024-05-21 | hsr: Prevent use after free in prp_create_tagged_frame() |
| CVE-2023-52847 | 2024-05-21 | media: bttv: fix use after free error due to btv->timeout timer |
| CVE-2023-52848 | 2024-05-21 | f2fs: fix to drop meta_inode's page cache in f2fs_put_super() |
| CVE-2023-52849 | 2024-05-21 | cxl/mem: Fix shutdown order |
| CVE-2023-52850 | 2024-05-21 | media: hantro: Check whether reset op is defined before use |
| CVE-2023-52851 | 2024-05-21 | IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF |
| CVE-2023-52852 | 2024-05-21 | f2fs: compress: fix to avoid use-after-free on dic |
| CVE-2023-52853 | 2024-05-21 | hid: cp2112: Fix duplicate workqueue initialization |
| CVE-2023-52854 | 2024-05-21 | padata: Fix refcnt handling in padata_free_shell() |
| CVE-2023-52855 | 2024-05-21 | usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency |
| CVE-2023-52856 | 2024-05-21 | drm/bridge: lt8912b: Fix crash on bridge detach |
| CVE-2023-52857 | 2024-05-21 | drm/mediatek: Fix coverity issue with unintentional integer overflow |
| CVE-2023-52858 | 2024-05-21 | clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data |
| CVE-2023-52859 | 2024-05-21 | perf: hisi: Fix use-after-free when register pmu fails |
| CVE-2023-52860 | 2024-05-21 | drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process |
| CVE-2023-52861 | 2024-05-21 | drm: bridge: it66121: Fix invalid connector dereference |
| CVE-2023-52862 | 2024-05-21 | drm/amd/display: Fix null pointer dereference in error message |
| CVE-2023-52863 | 2024-05-21 | hwmon: (axi-fan-control) Fix possible NULL pointer dereference |
| CVE-2023-52864 | 2024-05-21 | platform/x86: wmi: Fix opening of char device |
| CVE-2023-52865 | 2024-05-21 | clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data |
| CVE-2023-52866 | 2024-05-21 | HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() |
| CVE-2023-52867 | 2024-05-21 | drm/radeon: possible buffer overflow |
| CVE-2023-52868 | 2024-05-21 | thermal: core: prevent potential string overflow |
| CVE-2023-52869 | 2024-05-21 | pstore/platform: Add check for kstrdup |
| CVE-2023-52870 | 2024-05-21 | clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data |
| CVE-2023-52871 | 2024-05-21 | soc: qcom: llcc: Handle a second device without data corruption |
| CVE-2023-52872 | 2024-05-21 | tty: n_gsm: fix race condition in status line change on dead connections |
| CVE-2023-52873 | 2024-05-21 | clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data |
| CVE-2023-52874 | 2024-05-21 | x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro |
| CVE-2023-52875 | 2024-05-21 | clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data |
| CVE-2023-52876 | 2024-05-21 | clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data |
| CVE-2023-52877 | 2024-05-21 | usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() |
| CVE-2023-52878 | 2024-05-21 | can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds |
| CVE-2023-52879 | 2024-05-21 | tracing: Have trace_event_file have ref counters |
| CVE-2024-31840 | 2024-05-21 | An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the... |
| CVE-2024-31844 | 2024-05-21 | An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An... |
| CVE-2024-31845 | 2024-05-21 | An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to logs. The web application writes logs using a GET... |
| CVE-2024-31847 | 2024-05-21 | An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting (XSS) vulnerability allows authenticated and unauthenticated remote attackers to inject arbitrary web script or HTML into a GET... |
| CVE-2024-1721 | 2024-05-21 | Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1. |
| CVE-2024-21902 | 2024-05-21 | QTS, QuTS hero |
| CVE-2024-27127 | 2024-05-21 | QTS, QuTS hero |
| CVE-2024-27128 | 2024-05-21 | QTS, QuTS hero |
| CVE-2024-27129 | 2024-05-21 | QTS, QuTS hero |
| CVE-2024-27130 | 2024-05-21 | QTS, QuTS hero |
| CVE-2024-36052 | 2024-05-21 | RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899. |
| CVE-2024-22273 | 2024-05-21 | The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue... |
| CVE-2024-22274 | 2024-05-21 | The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on... |
| CVE-2024-22275 | 2024-05-21 | The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing... |
| CVE-2024-34240 | 2024-05-21 | QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting (XSS) resulting in arbitrary code execution in admin functions related to adding or updating records. |
| CVE-2024-31757 | 2024-05-21 | An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component. |
| CVE-2024-4154 | 2024-05-21 | Incorrect Synchronization in lunary-ai/lunary |