CVE List - 2024 / May
Showing 3601 - 3700 of 4997 CVEs for May 2024 (Page 37 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-4435 | 2024-05-21 | BTreeMap memory leak when deallocating nodes with overflows |
| CVE-2023-3939 | 2024-05-21 | Multiple command injection in ZkTeco-based OEM devices |
| CVE-2024-4988 | 2024-05-21 | Improper permission control in com.transsion.videocallenhancer |
| CVE-2023-3940 | 2024-05-21 | Multiple arbitrary file reads in ZkTeco-based OEM devices |
| CVE-2023-3941 | 2024-05-21 | Multiple arbitrary file writes in ZkTeco-based OEM devices |
| CVE-2024-4876 | 2024-05-21 | HT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-4361 | 2024-05-21 | Page Builder by SiteOrigin <= 2.29.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode |
| CVE-2024-4619 | 2024-05-21 | Elementor Website Builder – More than Just a Page Builder <= 3.21.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting |
| CVE-2024-3268 | 2024-05-21 | YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page Creation |
| CVE-2024-4420 | 2024-05-21 | Denial of Service in Tink-cc |
| CVE-2024-35361 | 2024-05-21 | MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/getIcon.... |
| CVE-2023-3942 | 2024-05-21 | Multiple SQLi in ZkTeco-based OEM devices |
| CVE-2024-35180 | 2024-05-21 | OMERO.web JSONP callback vulnerability |
| CVE-2024-34071 | 2024-05-21 | Open Redirect Bypass Protection |
| CVE-2023-3943 | 2024-05-21 | Multiple buffer overflow in ZkTeco-based OEM devices |
| CVE-2024-35386 | 2024-05-21 | An issue in Cesanta mjs 2.20.0 allows a remote attacker... |
| CVE-2024-35384 | 2024-05-21 | An issue in Cesanta mjs 2.20.0 allows a remote attacker... |
| CVE-2024-35385 | 2024-05-21 | An issue in Cesanta mjs 2.20.0 allows a remote attacker... |
| CVE-2024-35218 | 2024-05-21 | Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane |
| CVE-2024-4452 | 2024-05-21 | ElementsKit Pro <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2021-47221 | 2024-05-21 | mm/slub: actually fix freelist pointer vs redzoning |
| CVE-2021-47222 | 2024-05-21 | net: bridge: fix vlan tunnel dst refcnt when egressing |
| CVE-2021-47223 | 2024-05-21 | net: bridge: fix vlan tunnel dst null pointer dereference |
| CVE-2021-47224 | 2024-05-21 | net: ll_temac: Make sure to free skb when it is completely used |
| CVE-2021-47225 | 2024-05-21 | mac80211: fix deadlock in AP/VLAN handling |
| CVE-2021-47226 | 2024-05-21 | x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer |
| CVE-2021-47227 | 2024-05-21 | x86/fpu: Prevent state corruption in __fpu__restore_sig() |
| CVE-2021-47228 | 2024-05-21 | x86/ioremap: Map EFI-reserved memory as encrypted for SEV |
| CVE-2021-47229 | 2024-05-21 | PCI: aardvark: Fix kernel panic during PIO transfer |
| CVE-2021-47230 | 2024-05-21 | KVM: x86: Immediately reset the MMU context when the SMM flag is cleared |
| CVE-2021-47231 | 2024-05-21 | can: mcba_usb: fix memory leak in mcba_usb |
| CVE-2021-47232 | 2024-05-21 | can: j1939: fix Use-after-Free, hold skb ref while in use |
| CVE-2021-47233 | 2024-05-21 | regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL |
| CVE-2021-47234 | 2024-05-21 | phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() |
| CVE-2021-47235 | 2024-05-21 | net: ethernet: fix potential use-after-free in ec_bhf_remove |
| CVE-2021-47236 | 2024-05-21 | net: cdc_eem: fix tx fixup skb leak |
| CVE-2021-47237 | 2024-05-21 | net: hamradio: fix memory leak in mkiss_close |
| CVE-2021-47238 | 2024-05-21 | net: ipv4: fix memory leak in ip_mc_add1_src |
| CVE-2021-47239 | 2024-05-21 | net: usb: fix possible use-after-free in smsc75xx_bind |
| CVE-2021-47240 | 2024-05-21 | net: qrtr: fix OOB Read in qrtr_endpoint_post |
| CVE-2021-47241 | 2024-05-21 | ethtool: strset: fix message length calculation |
| CVE-2021-47242 | 2024-05-21 | mptcp: fix soft lookup in subflow_error_report() |
| CVE-2021-47243 | 2024-05-21 | sch_cake: Fix out of bounds when parsing TCP options and header |
| CVE-2021-47244 | 2024-05-21 | mptcp: Fix out of bounds when parsing TCP options |
| CVE-2021-47245 | 2024-05-21 | netfilter: synproxy: Fix out of bounds when parsing TCP options |
| CVE-2021-47246 | 2024-05-21 | net/mlx5e: Fix page reclaim for dead peer hairpin |
| CVE-2021-47247 | 2024-05-21 | net/mlx5e: Fix use-after-free of encap entry in neigh update handler |
| CVE-2021-47248 | 2024-05-21 | udp: fix race between close() and udp_abort() |
| CVE-2021-47249 | 2024-05-21 | net: rds: fix memory leak in rds_recvmsg |
| CVE-2021-47250 | 2024-05-21 | net: ipv4: fix memory leak in netlbl_cipsov4_add_std |
| CVE-2021-47251 | 2024-05-21 | mac80211: fix skb length check in ieee80211_scan_rx() |
| CVE-2021-47252 | 2024-05-21 | batman-adv: Avoid WARN_ON timing related checks |
| CVE-2021-47253 | 2024-05-21 | drm/amd/display: Fix potential memory leak in DMUB hw_init |
| CVE-2021-47254 | 2024-05-21 | gfs2: Fix use-after-free in gfs2_glock_shrink_scan |
| CVE-2021-47255 | 2024-05-21 | kvm: LAPIC: Restore guard to prevent illegal APIC register access |
| CVE-2021-47256 | 2024-05-21 | mm/memory-failure: make sure wait for page writeback in memory_failure |
| CVE-2021-47257 | 2024-05-21 | net: ieee802154: fix null deref in parse dev addr |
| CVE-2021-47258 | 2024-05-21 | scsi: core: Fix error handling of scsi_host_alloc() |
| CVE-2021-47259 | 2024-05-21 | NFS: Fix use-after-free in nfs4_init_client() |
| CVE-2021-47260 | 2024-05-21 | NFS: Fix a potential NULL dereference in nfs_get_client() |
| CVE-2021-47261 | 2024-05-21 | IB/mlx5: Fix initializing CQ fragments buffer |
| CVE-2021-47262 | 2024-05-21 | KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message |
| CVE-2021-47263 | 2024-05-21 | gpio: wcd934x: Fix shift-out-of-bounds error |
| CVE-2021-47264 | 2024-05-21 | ASoC: core: Fix Null-point-dereference in fmt_single_name() |
| CVE-2021-47265 | 2024-05-21 | RDMA: Verify port when creating flow rule |
| CVE-2021-47266 | 2024-05-21 | RDMA/ipoib: Fix warning caused by destroying non-initial netns |
| CVE-2021-47267 | 2024-05-21 | usb: fix various gadget panics on 10gbps cabling |
| CVE-2021-47268 | 2024-05-21 | usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port |
| CVE-2021-47269 | 2024-05-21 | usb: dwc3: ep0: fix NULL pointer exception |
| CVE-2021-47270 | 2024-05-21 | usb: fix various gadgets null ptr deref on 10gbps cabling. |
| CVE-2021-47271 | 2024-05-21 | usb: cdnsp: Fix deadlock issue in cdnsp_thread_irq_handler |
| CVE-2021-47272 | 2024-05-21 | usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL |
| CVE-2021-47273 | 2024-05-21 | usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled |
| CVE-2021-47274 | 2024-05-21 | tracing: Correct the length check which causes memory corruption |
| CVE-2021-47275 | 2024-05-21 | bcache: avoid oversized read request in cache missing code path |
| CVE-2021-47276 | 2024-05-21 | ftrace: Do not blindly read the ip address in ftrace_bug() |
| CVE-2021-47277 | 2024-05-21 | kvm: avoid speculation-based attacks from out-of-range memslot accesses |
| CVE-2021-47278 | 2024-05-21 | bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove() |
| CVE-2021-47279 | 2024-05-21 | usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() |
| CVE-2021-47280 | 2024-05-21 | drm: Fix use-after-free read in drm_getunique() |
| CVE-2021-47281 | 2024-05-21 | ALSA: seq: Fix race of snd_seq_timer_open() |
| CVE-2021-47282 | 2024-05-21 | spi: bcm2835: Fix out-of-bounds access with more than 4 slaves |
| CVE-2021-47283 | 2024-05-21 | net:sfc: fix non-freed irq in legacy irq mode |
| CVE-2021-47284 | 2024-05-21 | isdn: mISDN: netjet: Fix crash in nj_probe: |
| CVE-2021-47286 | 2024-05-21 | bus: mhi: core: Validate channel ID when processing command completions |
| CVE-2021-47287 | 2024-05-21 | driver core: auxiliary bus: Fix memory leak when driver_register() fail |
| CVE-2021-47288 | 2024-05-21 | media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() |
| CVE-2021-47289 | 2024-05-21 | ACPI: fix NULL pointer dereference |
| CVE-2021-47290 | 2024-05-21 | scsi: target: Fix NULL dereference on XCOPY completion |
| CVE-2021-47291 | 2024-05-21 | ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions |
| CVE-2021-47292 | 2024-05-21 | io_uring: fix memleak in io_init_wq_offload() |
| CVE-2021-47293 | 2024-05-21 | net/sched: act_skbmod: Skip non-Ethernet packets |
| CVE-2021-47294 | 2024-05-21 | netrom: Decrease sock refcount when sock timers expire |
| CVE-2021-47295 | 2024-05-21 | net: sched: fix memory leak in tcindex_partial_destroy_work |
| CVE-2021-47296 | 2024-05-21 | KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak |
| CVE-2021-47297 | 2024-05-21 | net: fix uninit-value in caif_seqpkt_sendmsg |
| CVE-2021-47298 | 2024-05-21 | bpf, sockmap: Fix potential memory leak on unlikely error case |
| CVE-2021-47299 | 2024-05-21 | xdp, net: Fix use-after-free in bpf_xdp_link_release |
| CVE-2021-47300 | 2024-05-21 | bpf: Fix tail_call_reachable rejection for interpreter when jit failed |
| CVE-2021-47301 | 2024-05-21 | igb: Fix use-after-free error during reset |