CVE List - 2024 / July
Showing 1601 - 1700 of 3115 CVEs for July 2024 (Page 17 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-48801 | 2024-07-16 | iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL |
| CVE-2022-48802 | 2024-07-16 | fs/proc: task_mmu.c: don't read mapcount for migration entry |
| CVE-2022-48803 | 2024-07-16 | phy: ti: Fix missing sentinel for clk_div_table |
| CVE-2022-48804 | 2024-07-16 | vt_ioctl: fix array_index_nospec in vt_setactivate |
| CVE-2022-48805 | 2024-07-16 | net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup |
| CVE-2022-48806 | 2024-07-16 | eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX |
| CVE-2022-48807 | 2024-07-16 | ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler |
| CVE-2022-48808 | 2024-07-16 | net: dsa: fix panic when DSA master device unbinds on shutdown |
| CVE-2022-48809 | 2024-07-16 | net: fix a memleak when uncloning an skb dst and its metadata |
| CVE-2022-48810 | 2024-07-16 | ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path |
| CVE-2022-48811 | 2024-07-16 | ibmvnic: don't release napi in __ibmvnic_open() |
| CVE-2022-48812 | 2024-07-16 | net: dsa: lantiq_gswip: don't use devres for mdiobus |
| CVE-2022-48813 | 2024-07-16 | net: dsa: felix: don't use devres for mdiobus |
| CVE-2022-48814 | 2024-07-16 | net: dsa: seville: register the mdiobus under devres |
| CVE-2022-48815 | 2024-07-16 | net: dsa: bcm_sf2: don't use devres for mdiobus |
| CVE-2022-48816 | 2024-07-16 | SUNRPC: lock against ->sock changing during sysfs read |
| CVE-2022-48817 | 2024-07-16 | net: dsa: ar9331: register the mdiobus under devres |
| CVE-2022-48818 | 2024-07-16 | net: dsa: mv88e6xxx: don't use devres for mdiobus |
| CVE-2022-48819 | 2024-07-16 | tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case |
| CVE-2022-48820 | 2024-07-16 | phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() |
| CVE-2022-48821 | 2024-07-16 | misc: fastrpc: avoid double fput() on failed usercopy |
| CVE-2022-48822 | 2024-07-16 | usb: f_fs: Fix use-after-free for epfile |
| CVE-2022-48823 | 2024-07-16 | scsi: qedf: Fix refcount issue when LOGO is received during TMF |
| CVE-2022-48824 | 2024-07-16 | scsi: myrs: Fix crash in error case |
| CVE-2022-48825 | 2024-07-16 | scsi: qedf: Add stag_work to all the vports |
| CVE-2022-48826 | 2024-07-16 | drm/vc4: Fix deadlock on DSI device attach error |
| CVE-2022-48827 | 2024-07-16 | NFSD: Fix the behavior of READ near OFFSET_MAX |
| CVE-2022-48828 | 2024-07-16 | NFSD: Fix ia_size underflow |
| CVE-2022-48829 | 2024-07-16 | NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes |
| CVE-2022-48830 | 2024-07-16 | can: isotp: fix potential CAN frame reception race in isotp_rcv() |
| CVE-2022-48831 | 2024-07-16 | ima: fix reference leak in asymmetric_verify() |
| CVE-2022-48832 | 2024-07-16 | audit: don't deref the syscall args when checking the openat2 open_how::flags |
| CVE-2022-48833 | 2024-07-16 | btrfs: skip reserved bytes warning on unmount after log cleanup failure |
| CVE-2022-48834 | 2024-07-16 | usb: usbtmc: Fix bug in pipe direction for control transfers |
| CVE-2022-48835 | 2024-07-16 | scsi: mpt3sas: Page fault in reply q processing |
| CVE-2022-48836 | 2024-07-16 | Input: aiptek - properly check endpoint type |
| CVE-2022-48837 | 2024-07-16 | usb: gadget: rndis: prevent integer overflow in rndis_set_response() |
| CVE-2022-48838 | 2024-07-16 | usb: gadget: Fix use-after-free bug by not setting udc->dev.driver |
| CVE-2022-48839 | 2024-07-16 | net/packet: fix slab-out-of-bounds access in packet_recvmsg() |
| CVE-2022-48840 | 2024-07-16 | iavf: Fix hang during reboot/shutdown |
| CVE-2022-48841 | 2024-07-16 | ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() |
| CVE-2022-48842 | 2024-07-16 | ice: Fix race condition during interface enslave |
| CVE-2022-48843 | 2024-07-16 | drm/vrr: Set VRR capable prop only if it is attached to connector |
| CVE-2022-48844 | 2024-07-16 | Bluetooth: hci_core: Fix leaking sent_cmd skb |
| CVE-2022-48845 | 2024-07-16 | MIPS: smp: fill in sibling and core maps earlier |
| CVE-2022-48846 | 2024-07-16 | block: release rq qos structures for queue without disk |
| CVE-2022-48847 | 2024-07-16 | watch_queue: Fix filter limit check |
| CVE-2022-48848 | 2024-07-16 | tracing/osnoise: Do not unregister events twice |
| CVE-2022-48849 | 2024-07-16 | drm/amdgpu: bypass tiling flag check in virtual display case (v2) |
| CVE-2022-48850 | 2024-07-16 | net-sysfs: add check for netdevice being present to speed_show |
| CVE-2022-48851 | 2024-07-16 | staging: gdm724x: fix use after free in gdm_lte_rx() |
| CVE-2022-48852 | 2024-07-16 | drm/vc4: hdmi: Unregister codec device on unbind |
| CVE-2022-48853 | 2024-07-16 | swiotlb: fix info leak with DMA_FROM_DEVICE |
| CVE-2022-48854 | 2024-07-16 | net: arc_emac: Fix use after free in arc_mdio_probe() |
| CVE-2022-48855 | 2024-07-16 | sctp: fix kernel-infoleak for SCTP sockets |
| CVE-2022-48856 | 2024-07-16 | gianfar: ethtool: Fix refcount leak in gfar_get_ts_info |
| CVE-2022-48857 | 2024-07-16 | NFC: port100: fix use-after-free in port100_send_complete |
| CVE-2022-48858 | 2024-07-16 | net/mlx5: Fix a race on command flush flow |
| CVE-2022-48859 | 2024-07-16 | net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr |
| CVE-2022-48860 | 2024-07-16 | ethernet: Fix error handling in xemaclite_of_probe |
| CVE-2022-48861 | 2024-07-16 | vdpa: fix use-after-free on vp_vdpa_remove |
| CVE-2022-48862 | 2024-07-16 | vhost: fix hung thread due to erroneous iotlb entries |
| CVE-2022-48863 | 2024-07-16 | mISDN: Fix memory leak in dsp_pipeline_build() |
| CVE-2022-48864 | 2024-07-16 | vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command |
| CVE-2022-48865 | 2024-07-16 | tipc: fix kernel panic when enabling bearer |
| CVE-2022-48866 | 2024-07-16 | HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts |
| CVE-2024-6435 | 2024-07-16 | Rockwell Automation Privilege Escalation Vulnerability in Pavilion8® |
| CVE-2024-32861 | 2024-07-16 | Software House C•CURE - CouchDB executable protection |
| CVE-2022-45449 | 2024-07-16 | Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984. |
| CVE-2024-6655 | 2024-07-16 | Gtk3: gtk2: library injection from cwd |
| CVE-2024-22442 | 2024-07-16 | The vulnerability could be remotely exploited to bypass authentication. |
| CVE-2024-6325 | 2024-07-16 | Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services |
| CVE-2024-6326 | 2024-07-16 | Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services |
| CVE-2024-3232 | 2024-07-16 | Formula Injection Vulnerability |
| CVE-2024-40626 | 2024-07-16 | Stored Cross-site Scripting (XSS) vulnerability in Outline editor |
| CVE-2024-6089 | 2024-07-16 | Rockwell Automation Major nonrecoverable fault in 5015 – AENFTXT |
| CVE-2024-39908 | 2024-07-16 | Denial of service in REXML |
| CVE-2024-39700 | 2024-07-16 | Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action |
| CVE-2024-6492 | 2024-07-16 | Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially... |
| CVE-2024-21686 | 2024-07-16 | This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Stored XSS vulnerability, with a CVSS Score of 7.3, allows an authenticated... |
| CVE-2024-21687 | 2024-07-16 | This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data Center and Server. This File Inclusion vulnerability, with a... |
| CVE-2020-25836 | 2024-07-16 | Potential information leakage resulting in unauthorized access |
| CVE-2024-5566 | 2024-07-16 | Improper Privilege Management allows for access to unauthorized repository content during migration |
| CVE-2024-5795 | 2024-07-16 | Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed resource exhaustion |
| CVE-2024-5815 | 2024-07-16 | Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository |
| CVE-2024-5816 | 2024-07-16 | Improper authorization allows persistent access in GitHub Enterprise Server |
| CVE-2024-5817 | 2024-07-16 | Improper authorization allows read access to issue content in GitHub Enterprise Server |
| CVE-2024-6336 | 2024-07-16 | Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure |
| CVE-2024-6395 | 2024-07-16 | GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys |
| CVE-2024-6772 | 2024-07-16 | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6773 | 2024-07-16 | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6774 | 2024-07-16 | Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap... |
| CVE-2024-6775 | 2024-07-16 | Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap... |
| CVE-2024-6776 | 2024-07-16 | Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6777 | 2024-07-16 | Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a... |
| CVE-2024-6778 | 2024-07-16 | Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page... |
| CVE-2024-6779 | 2024-07-16 | Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security... |
| CVE-2023-7011 | 2024-07-16 | Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.... |
| CVE-2023-7013 | 2024-07-16 | Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2024-2884 | 2024-07-16 | Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium... |