CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

CVE-2024-57908

Description: In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer. The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the array to zero before using it to avoid pushing uninitialized information to userspace.

EPSS Score: 0.04%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-57907

Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer. The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

EPSS Score: 0.04%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-57906

Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer. The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. Initialize the array to zero before using it to avoid pushing uninitialized information to userspace.

EPSS Score: 0.04%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-57905

Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer. The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole is never initialized. Initialize the struct to zero before using it to avoid pushing uninitialized information to userspace.

EPSS Score: 0.04%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-57904

Description: In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call input_free_device() on allocated iio_dev. Current implementation of at91_ts_register() calls input_free_device() on st->ts_input; however, the err label can be reached before the allocated iio_dev is stored to st->ts_input. Thus call input_free_device() on input instead of st->ts_input.

EPSS Score: 0.04%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-45653

Description: IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.

CVSS: MEDIUM (4.3)

EPSS Score: 0.05%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-45652

Description: IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-41783

Description: IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.

CVSS: CRITICAL (9.1)

EPSS Score: 0.05%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-41743

Description: IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
January 20th, 2025 (6 months ago)

CVE-2024-41742

Description: IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
January 20th, 2025 (6 months ago)