Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-49906
drm/amd/display: Check null pointer before try to access it
Description: In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to ensure that plane_state is not null before accessing it.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49899
drm/amd/display: Initialize denominators' default to 1
Description: In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49898
drm/amd/display: Check null-initialized variables
Description: In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing. This fixes 2 FORWARD_NULL issues reported by Coverity.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49897
drm/amd/display: Check phantom_stream before it is used
Description: In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49891
scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths
Description: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or lpfc_abort_handler(). Add NULL ptr checks before dereferencing hdwq pointers that may have been freed due to operations colliding with a reset or errata event handler.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49603
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate...
Description: Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49602
Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could...
Description: Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-49600
Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access...
Description: Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of Privileges.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-48956
Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint...
Description: Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)

CVE-2024-46901
Apache Subversion: mod_dav_svn denial-of-service via control characters in paths
Description: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.

CVSS: LOW (3.1)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (5 months ago)