The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries, with CVSS Severity
  • CVE-2024-50163 - In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric ...
    Published: November 07, 2024; 5:15:07 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-11493 - A vulnerability classified as problematic was found in 115cms up to 20240807. This vulnerability affects unknown code of the file /index.php/setpage/admin/pageAE.html. The manipulation of the argument tid leads to cross site scripting. The attack ...
    Published: November 20, 2024; 1:15:22 PM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2024-48981 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The init...
    Published: November 20, 2024; 3:15:19 PM -0500

    V3.1: 7.5 HIGH

  • CVE-2024-50151 - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compoun...
    Published: November 07, 2024; 5:15:06 AM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-50150 - In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode,...
    Published: November 07, 2024; 5:15:06 AM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-48983 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the ...
    Published: November 20, 2024; 3:15:19 PM -0500

    V3.1: 7.5 HIGH

  • CVE-2024-50063 - In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or retur...
    Published: October 21, 2024; 4:15:18 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-50042 - In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice ...
    Published: October 21, 2024; 4:15:17 PM -0400

    V3.1: 7.1 HIGH

  • CVE-2024-48985 - An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the entire packet, the si...
    Published: November 20, 2024; 3:15:19 PM -0500

    V3.1: 7.5 HIGH

  • CVE-2024-53055 - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction wil...
    Published: November 19, 2024; 1:15:25 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53054 - In the Linux kernel, the following vulnerability has been resolved: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hung_task problem shown below was found: INFO: task kworker/0:0:8 blocked for more than 327 seconds. "echo 0 ...
    Published: November 19, 2024; 1:15:25 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53053 - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix another deadlock during RTC update If ufshcd_rtc_work calls ufshcd_rpm_put_sync() and the pm's usage_count is 0, we will enter the runtime suspend callback....
    Published: November 19, 2024; 1:15:25 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-53052 - In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bump the super block rwsem, preventing any freezes...
    Published: November 19, 2024; 1:15:25 PM -0500

    V3.1: 4.4 MEDIUM

  • CVE-2024-53049 - In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The root cause is that __kmalloc_cache_noprof was dir...
    Published: November 19, 2024; 1:15:25 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-46788 - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that t...
    Published: September 18, 2024; 4:15:05 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-50169 - In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) ...
    Published: November 07, 2024; 5:15:08 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-11179 - The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'status_type' parameter in all versions up to, and including, 4.15.7 due to insufficient escaping on the user supplied param...
    Published: November 20, 2024; 5:15:05 AM -0500

    V3.1: 6.5 MEDIUM

  • CVE-2024-50166 - In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes referen...
    Published: November 07, 2024; 5:15:07 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-50165 - In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed...
    Published: November 07, 2024; 5:15:07 AM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-52677 - HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php.
    Published: November 20, 2024; 4:15:08 PM -0500

    V3.1: 9.8 CRITICAL

Created September 20, 2022, Updated August 27, 2024