CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36921 – wifi: iwlwifi: mvm: guard against invalid STA ID on removal
https://notcve.org/view.php?id=CVE-2024-36921
This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://git.kernel.org/stable/c/94f80a8ec15e238b78521f20f8afaed60521a294 https://git.kernel.org/stable/c/fab21d220017daa5fd8a3d788ff25ccfecfaae2f https://git.kernel.org/stable/c/17f64517bf5c26af56b6c3566273aad6646c3c4f https://access.redhat.com/security/cve/CVE-2024-36921 https://bugzilla.redhat.com/show_bug.cgi?id=2284513 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-36904 – tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().
https://notcve.org/view.php?id=CVE-2024-36904
This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://git.kernel.org/stable/c/ec94c2696f0bcd5ae92a553244e4ac30d2171a2d https://git.kernel.org/stable/c/84546cc1aeeb4df3e444b18a4293c9823f974be9 https://git.kernel.org/stable/c/1796ca9c6f5bd50554214053af5f47d112818ee3 https://git.kernel.org/stable/c/1d9cf07810c30ef7948879567d10fd1f01121d34 https://git.kernel.org/stable/c/27b0284d8be182a81feb65581ab6a724dfd596e8 https://git.kernel.org/stable/c/13ed7cdf079686ccd3618335205700c03f6fb446 https://git.kernel.org/stable/c/6e48faad92be13166184d21506e4e54c79c13adc https://git.kernel.org/stable/c/517e32ea0a8c72202d0d8aa8df50a7cd3 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-36883 – net: fix out-of-bounds access in ops_init
https://notcve.org/view.php?id=CVE-2024-36883
This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://git.kernel.org/stable/c/073862ba5d249c20bd5c49fc6d904ff0e1f6a672 https://git.kernel.org/stable/c/561331eae0a03d0c4cf60f3cf485aa3e8aa5ab48 https://git.kernel.org/stable/c/a2c82f7bee1ffa9eafa1fb0bd886a7eea8c9e497 https://git.kernel.org/stable/c/3cdc34d76c4f777579e28ad373979d36c030cfd3 https://git.kernel.org/stable/c/7b0e64583eab8c1d896b47e5dd0bf2e7d86ec41f https://git.kernel.org/stable/c/0c3248bc708a7797be573214065cf908ff1f54c7 https://git.kernel.org/stable/c/9518b79bfd2fbf99fa9b7e8e36bcb1825e7ba030 https://git.kernel.org/stable/c/2d60ff5874aefd006717ca5e22ac1e25e • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-30369 – A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-30369
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. ... This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://support.a10networks.com/support/security_advisory/cve-2024-30368-cve-2024-30369 https://www.zerodayinitiative.com/advisories/ZDI-24-525 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31510
https://notcve.org/view.php?id=CVE-2024-31510
An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component. • https://gist.github.com/liang-junkai/a9fc693f8bdf176e9d9f56773bf20703 https://github.com/liang-junkai/Fault-injection-of-ML-DSA https://github.com/open-quantum-safe/liboqs • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI) •