CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2024-41019 – fs/ntfs3: Validate ff offset
https://notcve.org/view.php?id=CVE-2024-41019
29 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-41017 – jfs: don't walk off the end of ealist
https://notcve.org/view.php?id=CVE-2024-41017
29 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/7f91bd0f2941fa36449ce1a15faaa64f840d9746 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41016 – ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
https://notcve.org/view.php?id=CVE-2024-41016
29 Jul 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090 •
CVSS: 3.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-41015 – ocfs2: add bounds checking to ocfs2_check_dir_entry()
https://notcve.org/view.php?id=CVE-2024-41015
29 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/13d38c00df97289e6fba2e54193959293fd910d2 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41091 – tun: add missing verification for short frame
https://notcve.org/view.php?id=CVE-2024-41091
29 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/043d222f93ab8c76b56a3b315cd8692e35affb6c • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41090 – tap: add missing verification for short frame
https://notcve.org/view.php?id=CVE-2024-41090
29 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/0efac27791ee068075d80f07c55a229b1335ce12 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37381
https://notcve.org/view.php?id=CVE-2024-37381
29 Jul 2024 — An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2024 flat allows an authenticated attacker within the same network to execute arbitrary code. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-July-2024-for-EPM-2024 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7245 – Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7245
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escalate privileges and execute... • https://www.zerodayinitiative.com/advisories/ZDI-24-1015 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7234 – AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7234
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escalate privileges and execute... • https://www.zerodayinitiative.com/advisories/ZDI-24-1008 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7240 – F-Secure Total Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7240
29 Jul 2024 — An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1012 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •