CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38555 – net/mlx5: Discard command completions in internal error
https://notcve.org/view.php?id=CVE-2024-38555
19 Jun 2024 — Kernel log: ------------[ cut here ]------------ refcount_t: underflow; use-after-free. Kernel log: ------------[ cut here ]------------ refcount_t: underflow; use-after-free. ... RIP: 0010:refcount_warn_saturate+0xd8/0xe0 ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-38547 – media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries
https://notcve.org/view.php?id=CVE-2024-38547
19 Jun 2024 — Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://git.kernel.org/stable/c/a49d25364dfb9f8a64037488a39ab1f56c5fa419 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-36975 – KEYS: trusted: Do not use WARN when encode fails
https://notcve.org/view.php?id=CVE-2024-36975
18 Jun 2024 — Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://git.kernel.org/stable/c/f2219745250f388edacabe6cca73654131c67d0a •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37305 – Buffer overflow in deserialization in oqs-provider
https://notcve.org/view.php?id=CVE-2024-37305
17 Jun 2024 — oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-h... • https://github.com/open-quantum-safe/oqs-provider/pull/416 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-130: Improper Handling of Length Parameter Inconsistency CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32913
https://notcve.org/view.php?id=CVE-2024-32913
13 Jun 2024 — In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29784
https://notcve.org/view.php?id=CVE-2024-29784
13 Jun 2024 — In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/pixel/2024-06-01 • CWE-190: Integer Overflow or Wraparound CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30067 – Winlogon Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30067
11 Jun 2024 — Winlogon Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios de Winlogon • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30067 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-30064 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30064
11 Jun 2024 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30064 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-30072 – Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30072
11 Jun 2024 — Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código en el análisis del archivo de registro de seguimiento de eventos de Microsoft • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30072 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-30070 – DHCP Server Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-30070
11 Jun 2024 — DHCP Server Service Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del servicio del servidor DHCP • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30070 • CWE-191: Integer Underflow (Wrap or Wraparound) •