CVE-2024-57908 |
Description: In the Linux kernel, the following vulnerability has been resolved:
iio: imu: kmx61: fix information leak in triggered buffer
The 'buffer' local array is used to push data to user space from a
triggered buffer, but it does not set values for inactive channels, as
it only uses iio_for_each_active_channel() to assign new values.
Initialize the array to zero before using it to avoid pushing
uninitialized information to userspace.
EPSS Score: 0.04%
January 20th, 2025 (6 months ago)
|
CVE-2024-57907 |
Description: In the Linux kernel, the following vulnerability has been resolved:
iio: adc: rockchip_saradc: fix information leak in triggered buffer
The 'data' local struct is used to push data to user space from a
triggered buffer, but it does not set values for inactive channels, as
it only uses iio_for_each_active_channel() to assign new values.
Initialize the struct to zero before using it to avoid pushing
uninitialized information to userspace.
EPSS Score: 0.04%
January 20th, 2025 (6 months ago)
|
CVE-2024-57906 |
Description: In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ti-ads8688: fix information leak in triggered buffer
The 'buffer' local array is used to push data to user space from a
triggered buffer, but it does not set values for inactive channels, as
it only uses iio_for_each_active_channel() to assign new values.
Initialize the array to zero before using it to avoid pushing
uninitialized information to userspace.
EPSS Score: 0.04%
January 20th, 2025 (6 months ago)
|
CVE-2024-57905 |
Description: In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ti-ads1119: fix information leak in triggered buffer
The 'scan' local struct is used to push data to user space from a
triggered buffer, but it has a hole between the sample (unsigned int)
and the timestamp. This hole is never initialized.
Initialize the struct to zero before using it to avoid pushing
uninitialized information to userspace.
EPSS Score: 0.04%
January 20th, 2025 (6 months ago)
|
CVE-2024-57904 |
Description: In the Linux kernel, the following vulnerability has been resolved:
iio: adc: at91: call input_free_device() on allocated iio_dev
Current implementation of at91_ts_register() calls input_free_deivce()
on st->ts_input, however, the err label can be reached before the
allocated iio_dev is stored to st->ts_input. Thus call
input_free_device() on input instead of st->ts_input.
EPSS Score: 0.04%
January 20th, 2025 (6 months ago)
|
CVE-2024-45653 |
Description: IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
January 20th, 2025 (6 months ago)
|
CVE-2024-45652 |
Description: IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS: MEDIUM (6.5) EPSS Score: 0.05%
January 20th, 2025 (6 months ago)
|
CVE-2024-41783 |
Description: IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.
CVSS: CRITICAL (9.1) EPSS Score: 0.05%
January 20th, 2025 (6 months ago)
|
CVE-2024-41743 |
Description: IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources.
CVSS: HIGH (7.5) EPSS Score: 0.05%
January 20th, 2025 (6 months ago)
|
CVE-2024-41742 |
Description: IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS: HIGH (7.5) EPSS Score: 0.05%
January 20th, 2025 (6 months ago)
|