Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-48973 In the Linux kernel, the following vulnerability has been resolved: gpio: amd8111: Fix PCI device reference count leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_d... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48974 In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using __this_cpu_add in preemptible Currently in nf_conntrack_hash_check_insert(), when it fails in nf_c... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48976 In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable_offload: fix using __this_cpu_add in preemptible flow_offload_queue_work() can be called in workqueue without... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48977 In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rcv_filter Analogue to commit 8aa59e355949 ("can: af_can: fix NULL pointer derefe... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48978 In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hid_report_raw_event Syzbot reported shift-out-of-bounds in hid_report_raw_event. microsoft... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48979 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML [Why&How] LinkCapacitySupport array is indexed with the number of... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-46326 Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack of input sanitization in the logout function. | 6.1 | MEDIUM | β | 0 |
| CVE-2022-48980 In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries (S... | 7.8 | HIGH | β | 0 |
| CVE-2022-48981 In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM object get... | 7.8 | HIGH | β | 0 |
| CVE-2022-48983 In the Linux kernel, the following vulnerability has been resolved: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48984 In the Linux kernel, the following vulnerability has been resolved: can: slcan: fix freed work crash The LTP test pty03 is causing a crash in slcan: BUG: kernel NULL pointer dereference, address: ... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48989 In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie If a cookie expires from the LRU and the LRU_DISCARD flag is set, but... | 4.7 | MEDIUM | β | 0 |
| CVE-2024-48645 In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization (CWE-862) allows any user to modify "function" files used by the game when installed on a dedicated serv... | 7.5 | HIGH | β | 0 |
| CVE-2024-46482 An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg... | 8.2 | HIGH | β | 0 |
| CVE-2022-48990 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free during gpu recovery [Why] [ 754.862560] refcount_t: underflow; use-after-free. [ 754.8628... | 7.8 | HIGH | β | 0 |
| CVE-2022-48992 In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcm_be_reparent API, to handle kernel NULL pointer dereference ... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48993 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | β | 0 |
| CVE-2022-48995 In the Linux kernel, the following vulnerability has been resolved: Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() There is a kmemleak when test the raydium_i2c_ts with bpf mock devic... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49002 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() for_each_pci_dev() is implemented by pci_get_device(). The comme... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49003 In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_h... | 4.7 | MEDIUM | β | 0 |
| CVE-2024-46483 Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-49004 In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49005 In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for _sx controls For _sx controls the semantics of the max field is not the usual one, max is the numb... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49007 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() Syzbot reported a null-ptr-deref bug: NILFS (loop0): se... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49008 In the Linux kernel, the following vulnerability has been resolved: can: can327: can327_feed_frame_to_netdev(): fix potential skb leak when netdev is down In can327_feed_frame_to_netdev(), it did no... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49009 In the Linux kernel, the following vulnerability has been resolved: hwmon: (asus-ec-sensors) Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to ... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-46914 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | N/A | NONE | β | 0 |
| CVE-2022-49010 In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is a... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49011 In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pc... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49012 In the Linux kernel, the following vulnerability has been resolved: afs: Fix server->active leak in afs_put_server The atomic_read was accidentally replaced with atomic_inc_return, which prevents th... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49013 In the Linux kernel, the following vulnerability has been resolved: sctp: fix memory leak in sctp_stream_outq_migrate() When sctp_stream_outq_migrate() is called to release stream out resources, the... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49014 In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like belo... | 7.8 | HIGH | β | 0 |
| CVE-2024-9987 A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agents_modules_csv functionality.Β This issue affects Pandora FMS: from 700 through <777.3. | 8.8 | HIGH | β | 0 |
| CVE-2022-49015 In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netif_rx() which may free it, after calling this, dereferencing skb... | 7.8 | HIGH | β | 0 |
| CVE-2022-49016 In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I got the following report while doing device(mscc-miim) load test with CONFIG_O... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49017 In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetch skb cb after tipc_msg_validate As the call trace shows, the original skb was freed in tipc_msg_validate(), and dere... | 7.8 | HIGH | β | 0 |
| CVE-2022-49018 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid ... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-43173 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute. | 3.7 | LOW | β | 0 |
| CVE-2022-49019 In the Linux kernel, the following vulnerability has been resolved: net: ethernet: nixge: fix NULL dereference In function nixge_hw_dma_bd_release() dereference of NULL pointer priv->rx_bd_v is poss... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49020 In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9_socket_open Both p9_fd_create_tcp() and p9_fd_create_unix() will call p9_socket_open(). ... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49021 In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe() failed I got a null-ptr-deref report as following when doing fault injection test: BUG... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49022 In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_durat... | 7.8 | HIGH | β | 0 |
| CVE-2022-49023 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes that 5 octets are present withou... | 7.8 | HIGH | β | 0 |
| CVE-2022-49024 In the Linux kernel, the following vulnerability has been resolved: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods In m_can_pci_remove() and error handling path of m_can... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49025 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one o... | 7.8 | HIGH | β | 0 |
| CVE-2022-49026 In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e1... | 7.8 | HIGH | β | 0 |
| CVE-2022-49027 In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. C... | 5.5 | MEDIUM | β | 0 |
| CVE-2024-43177 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute. | 5.9 | MEDIUM | β | 0 |
| CVE-2022-49028 In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethre... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-49029 In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ib... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.