Total
7274 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23370 | 1 Qualcomm | 22 Qca6584au, Qca6584au Firmware, Qca6698aq and 19 more | 2024-10-16 | N/A | 6.7 MEDIUM |
| Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. | |||||
| CVE-2024-23376 | 1 Qualcomm | 42 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 39 more | 2024-10-16 | N/A | 6.7 MEDIUM |
| Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. | |||||
| CVE-2024-33069 | 1 Qualcomm | 88 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 85 more | 2024-10-16 | N/A | 7.5 HIGH |
| Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. | |||||
| CVE-2024-38399 | 1 Qualcomm | 80 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 77 more | 2024-10-16 | N/A | 7.8 HIGH |
| Memory corruption while processing user packets to generate page faults. | |||||
| CVE-2024-8422 | 1 Schneider-electric | 1 Zelio Soft 2 | 2024-10-16 | N/A | 7.8 HIGH |
| CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file. | |||||
| CVE-2024-39831 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 6.7 MEDIUM |
| in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. | |||||
| CVE-2024-47418 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47415 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47414 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47413 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-47412 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | N/A | 7.8 HIGH |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-38259 | 1 Microsoft | 6 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2024-10-10 | N/A | 8.8 HIGH |
| Microsoft Management Console Remote Code Execution Vulnerability | |||||
| CVE-2024-46842 | 1 Linux | 1 Linux Kernel | 2024-10-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info The MBX_TIMEOUT return code is not handled in lpfc_get_sfp_info and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for MBX_TIMEOUT cases, when firmware returns SFP information at a later time, that same mailbox memory region references previously freed memory in its cmpl routine. Fix by adding checks for the MBX_TIMEOUT return code. During mailbox resource cleanup, check the mbox flag to make sure that the wait did not timeout. If the MBOX_WAKE flag is not set, then do not free the resources because it will be freed when firmware completes the mailbox at a later time in its cmpl routine. Also, increase the timeout from 30 to 60 seconds to accommodate boot scripts requiring longer timeouts. | |||||
| CVE-2024-23923 | 1 Alpsalpine | 2 Ilx-f509, Ilx-f509 Firmware | 2024-10-03 | N/A | 8.8 HIGH |
| Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prh_l2_sar_data_ind function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22945 | |||||
| CVE-2024-46831 | 1 Linux | 1 Linux Kernel | 2024-10-02 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcap_del_rule. | |||||
| CVE-2024-46845 | 1 Linux | 1 Linux Kernel | 2024-10-02 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a time and another tracing instance can start up resetting the threads before they are fully closed. That causes the hrtimer assigned to the kthread to be shutdown and freed twice when the dying thread finally closes the file descriptors, causing a use-after-free bug. Only cancel the hrtimer if the associated thread is still around. Also add the interface_lock around the resetting of the tlat_var->kthread. Note, this is just a quick fix that can be backported to stable. A real fix is to have a better synchronization between the shutdown of old threads and the starting of new ones. | |||||
| CVE-2024-43491 | 1 Microsoft | 1 Windows 10 1507 | 2024-09-26 | N/A | 9.8 CRITICAL |
| Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. | |||||
| CVE-2024-31960 | 1 Samsung | 4 Exynos 1480, Exynos 1480 Firmware, Exynos 2400 and 1 more | 2024-09-24 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free. | |||||
| CVE-2024-8947 | 1 Micropython | 1 Micropython | 2024-09-24 | 5.1 MEDIUM | 8.1 HIGH |
| A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 1.23.0 is able to address this issue. The identifier of the patch is 4bed614e707c0644c06e117f848fa12605c711cd. It is recommended to upgrade the affected component. In micropython objarray component, when a bytes object is resized and copied into itself, it may reference memory that has already been freed. | |||||
| CVE-2024-26186 | 1 Microsoft | 5 Sql 2016 Azure Connect Feature Pack, Sql Server 2016, Sql Server 2017 and 2 more | 2024-09-23 | N/A | 8.8 HIGH |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | |||||