CVE-2024-8353 – GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-8353
27 Sep 2024 — The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. • https://www.rcesecurity.com/2024/08/wordpress-givewp-pop-to-rce-cve-2024-5932 • CWE-502: Deserialization of Untrusted Data •
CVE-2024-46865 – fou: fix initialization of grc
https://notcve.org/view.php?id=CVE-2024-46865
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/231c235d2f7a66f018f172e26ffd47c363f244ef •
CVE-2024-46859 – platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
https://notcve.org/view.php?id=CVE-2024-46859
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses. The panasonic laptop code in various places uses the SINF array with index values of 0 - SINF_CUR_BRIGHT(0x0d) without checking that the SINF array is big enough. ... For higher SINF indexes hide the sysfs attributes when the SINF array does not contain an entry for that attribute, avoiding show()/store() accessing the array out of bounds and add bounds checking to... • https://git.kernel.org/stable/c/e424fb8cc4e6634c10f8159b1ff5618cf7bab9c6 •
CVE-2024-46858 – mptcp: pm: Fix uaf in __timer_delete_sync
https://notcve.org/view.php?id=CVE-2024-46858
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/00cfd77b9063dcdf3628a7087faba60de85a9cc8 • CWE-416: Use After Free •
CVE-2024-46855 – netfilter: nft_socket: fix sk refcount leaks
https://notcve.org/view.php?id=CVE-2024-46855
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/039b1f4f24ecc8493b6bb9d70b4b78750d1b35c2 •
CVE-2024-46854 – net: dpaa: Pad packets to ETH_ZLEN
https://notcve.org/view.php?id=CVE-2024-46854
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/9ad1a37493338cacf04e2c93acf44d151a7adda8 •
CVE-2024-46853 – spi: nxp-fspi: fix the KASAN report out-of-bounds bug
https://notcve.org/view.php?id=CVE-2024-46853
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/a5356aef6a907c2e2aed0caaa2b88b6021394471 •
CVE-2024-46852 – dma-buf: heaps: Fix off-by-one in CMA heap fault handler
https://notcve.org/view.php?id=CVE-2024-46852
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/a5d2d29e24be8967ef78a1b1fb2292413e3b3df9 •
CVE-2024-46849 – ASoC: meson: axg-card: fix 'use-after-free'
https://notcve.org/view.php?id=CVE-2024-46849
27 Sep 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/7864a79f37b55769b817d5e6c5ae0ca4bfdba93b •
CVE-2024-46840 – btrfs: clean up our handling of refs == 0 in snapshot delete
https://notcve.org/view.php?id=CVE-2024-46840
27 Sep 2024 — In do_walk_down() we catch this case and handle it correctly; however, we return -EIO, when -EUCLEAN is a more appropriate error code. ... An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/c847b28a799733b04574060ab9d00f215970627d •