CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42106 – inet_diag: Initialize pad field in struct inet_diag_req_v2
https://notcve.org/view.php?id=CVE-2024-42106
30 Jul 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/432490f9d455fb842d70219f22d9d2c812371676 •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42105 – nilfs2: fix inode number range checks
https://notcve.org/view.php?id=CVE-2024-42105
30 Jul 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/57235c3c88bb430043728d0d02f44a4efe386476 •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-42102 – Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"
https://notcve.org/view.php?id=CVE-2024-42102
30 Jul 2024 — A local attacker could possibly use this to cause a denial of service. • https://git.kernel.org/stable/c/c593d26fb5d577ef31b6e49a31e08ae3ebc1bc1e • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42101 – drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
https://notcve.org/view.php?id=CVE-2024-42101
30 Jul 2024 — The return value of the drm_mode_duplicate function is not checked in the nouveau_connector_get_modes function in the drivers/gpu/drm/nouveau/nouveau_connector.c file, possibly causing a NULL pointer dereference and resulting in a denial of service. ... A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/6ee738610f41b59733f63718f0bdbcba7d3a3f12 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38983
https://notcve.org/view.php?id=CVE-2024-38983
30 Jul 2024 — Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the _assign() method at (/lib/index.js:91) Prototype Pollution en alykoshin mini-deep-assign v0.0.8 permite a un atacante ejecutar código arbitrario o causar una denegación de servicio (DoS) y causar otros impactos a través del método _assign() en (/lib/index.js:91) • https://gist.github.com/mestrtee/f82d0c3a8fe3a125f06425caef5d22ed • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38984
https://notcve.org/view.php?id=CVE-2024-38984
30 Jul 2024 — Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. Prototype Pollution en lukebond json-override 0.2.0 permite a los atacantes ejecutar código arbitrario o provocar una denegación de servicio (DoS) a través de la propiedad __proto__. • https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38986
https://notcve.org/view.php?id=CVE-2024-38986
30 Jul 2024 — Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects. Prototype Pollution en 75 lb deep-merge 1.1.1 permite a los atacantes ejecutar código arbitrario o provocar una denegación de servicio (DoS) y provocar otros impactos mediante métodos de fusión de lodash para fusionar objetos. • https://gist.github.com/mestrtee/b20c3aee8bea16e1863933778da6e4cb • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39010
https://notcve.org/view.php?id=CVE-2024-39010
30 Jul 2024 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. ... Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario o provocar una denegación de servicio (DoS) mediante la inyección de propiedades arbitrarias. • https://gist.github.com/mestrtee/af7a746df91ab5e944bd7a186816c262 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39011
https://notcve.org/view.php?id=CVE-2024-39011
30 Jul 2024 — Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects. Prototype Pollution en chargeover redoc v2.0.9-rc.69 permite a los atacantes ejecutar código arbitrario o provocar una denegación de servicio (DoS) y provocar otros impactos a través de la función mergeObjects. • https://gist.github.com/mestrtee/693ef1c8b0a5ff1ae19f253381711f3e • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39012
https://notcve.org/view.php?id=CVE-2024-39012
30 Jul 2024 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. ... Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario o provocar una denegación de servicio (DoS) mediante la inyección de propiedades arbitrarias. • https://gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •