Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-47975 |
Description: Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enable denial of service.
CVSS: HIGH (7.0) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47974 |
Description: Race condition during resource shutdown in some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47973 |
Description: In some Solidigm DC Products, a defect in device overprovisioning may provide information disclosure to an attacker.
CVSS: MEDIUM (5.1) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47972 |
Description: Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
CVSS: MEDIUM (4.0) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47971 |
Description: Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47969 |
Description: Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVSS: MEDIUM (6.2) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47968 |
Description: Improper resource shutdown in middle of certain operations on some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47967 |
Description: Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVSS: MEDIUM (4.4) EPSS Score: 0.04%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47835 |
Description: GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer returned by this call is then passed to g_strdup(). However, if the string line does not contain the character ']', strchr() returns NULL, and a call to g_strdup(start + 1) leads to a null pointer dereference. This vulnerability is fixed in 1.24.10.
CVSS: MEDIUM (6.8) EPSS Score: 0.05%
December 12th, 2024 (5 months ago)
|
|
CVE-2024-47834 |
Description: GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_parse_stream function, a data chunk is allocated using gst_ebml_read_binary. Later, the allocated memory is freed in the gst_matroska_track_free function, by the call to g_free (track->codec_priv). Finally, the freed memory is accessed in the caps_serialize function through gst_value_serialize_buffer. The freed memory will be accessed in the gst_value_serialize_buffer function. This results in a UAF read vulnerability, as the function tries to process memory that has already been freed. This vulnerability is fixed in 1.24.10.
CVSS: MEDIUM (5.1) EPSS Score: 0.06%
December 12th, 2024 (5 months ago)
|