CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21836 | unknown | — | — | — | A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacke… | |||
| CVE-2024-49905 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) This commit adds a null check for the 'afb… | |||
| CVE-2024-49906 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to en… | |||
| CVE-2024-49907 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same func… | |||
| CVE-2024-50071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of… | |||
| CVE-2024-21825 | unknown | — | — | — | A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to co… | |||
| CVE-2024-50076 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of v… | |||
| CVE-2024-50079 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work When the sqpoll is exiting and cancels pending work ite… | |||
| CVE-2024-50080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLK_F_USER_COPY requires userspace to call write() on ublk char device for f… | |||
| CVE-2024-50088 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in add_inode_ref() The add_inode_ref() function does not initialize the "name" struct when … | |||
| CVE-2024-50097 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms (such as i.MX25 and i.MX27) do not support PTP, so on these p… | |||
| CVE-2024-50090 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch buffer, this is n… | |||
| CVE-2024-50096 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_dmem_copy_one` function ensures that the copy push… | |||
| CVE-2024-50103 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe()… | |||
| CVE-2024-50098 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of… | |||
| CVE-2024-27400 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always m… | |||
| CVE-2024-26985 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init Add a unreference bo in the error path, to prevent leaking a bo ref. Return … | |||
| CVE-2024-50100 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy… | |||
| CVE-2024-26980 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation … | |||
| CVE-2024-27002 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probin… | |||
| CVE-2024-50111 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled con… | |||
| CVE-2024-50122 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race b… | |||
| CVE-2024-50123 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockma… | |||
| CVE-2024-26967 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated wit… | |||
| CVE-2024-50133 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If … | |||
| CVE-2024-50136 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enablin… | |||
| CVE-2024-50137 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC data->asserted will be NULL on JH7110 SoC since commit 8232… | |||
| CVE-2024-50138 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Use raw_spinlock_t in ringbuf The function __bpf_ringbuf_reserve is invoked from a tracepoint, which disables preemption. Us… | |||
| CVE-2024-50140 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick… | |||
| CVE-2024-50139 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host ker… | |||
| CVE-2024-50145 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocatio… | |||
| CVE-2024-50147 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initia… | |||
| CVE-2024-50149 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't free job in TDR Freeing job in TDR is not safe as TDR can pass the run_job thread resulting in UAF. It is only safe… | |||
| CVE-2024-50297 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts Enqueue packets in dql after dma engine starts causes rac… | |||
| CVE-2024-50298 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabl… | |||
| CVE-2024-53062 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to sp… | |||
| CVE-2024-52560 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr() Extended the `mi_enum_attr()` function interface with an … | |||
| CVE-2024-26869 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gc_data_s… | |||
| CVE-2024-53043 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet s… | |||
| CVE-2024-53045 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapm_widget_list_create The widgets array in the snd_soc_dapm_widget_list has a __counted… | |||
| CVE-2024-26865 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN… | |||
| CVE-2024-53048 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Intel provides the… | |||
| CVE-2024-53049 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The r… | |||
| CVE-2024-53053 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix another deadlock during RTC update If ufshcd_rtc_work calls ufshcd_rpm_put_sync() and the pm's usage_count i… | |||
| CVE-2024-53056 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fa… | |||
| CVE-2024-53058 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header… | |||
| CVE-2024-26847 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-w… | |||
| CVE-2024-26849 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] … | |||
| CVE-2024-53061 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer … | |||
| CVE-2024-53066 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G … | |||
| CVE-2024-53075 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the v… | |||
| CVE-2024-53067 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only st… | |||
| CVE-2024-53068 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev->name is released prematurely in __scmi_device_de… | |||
| CVE-2024-53069 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have … | |||
| CVE-2024-53087 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns … | |||
| CVE-2024-53080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 ("drm/panthor: Fix race when converting g… | |||
| CVE-2024-53081 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported… | |||
| CVE-2024-53086 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL Upon failure all locks need to be dropped before retu… | |||
| CVE-2024-26777 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl() interface… | |||
| CVE-2024-53083 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len a… | |||
| CVE-2024-26776 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected Return IRQ_NONE from the interrupt handler when no interrupt w… | |||
| CVE-2024-26778 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl() interf… | |||
| CVE-2024-53109 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_pre… | |||
| CVE-2024-53240 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happe… | |||
| CVE-2024-57004 | unknown | — | — | — | Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggering of the XSS by visiti… | |||
| CVE-2024-53682 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set ramp_delay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our… | |||
| CVE-2024-53685 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH… | |||
| CVE-2024-54193 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() Move pm_runtime_set_active() to ivpu_pm_init() so when ivpu_ipc_send_rec… | |||
| CVE-2024-53690 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent use of deleted inode syzbot reported a WARNING in nilfs_rmdir. [1] Because the inode bitmap is corrupted, an ino… | |||
| CVE-2024-54683 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the sa… | |||
| CVE-2024-55639 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: renesas: rswitch: avoid use-after-put for a device tree node The device tree node saved in the rswitch_device structure is u… | |||
| CVE-2024-55881 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Play nice with protected guests in complete_hypercall_exit() Use is_64_bit_hypercall() instead of is_64_bit_mode() to d… | |||
| CVE-2024-55916 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP (or VSS) daemon starts before the VMBus channel's … | |||
| CVE-2024-56531 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lon… | |||
| CVE-2024-56369 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() drm_mode_vrefresh() is trying to avoid divide by zero by checking w… | |||
| CVE-2024-56532 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lo… | |||
| CVE-2024-56553 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix memleak of proc->delivered_freeze If a freeze notification is cleared with BC_CLEAR_FREEZE_NOTIFICATION before callin… | |||
| CVE-2024-42010 | unknown | — | — | — | mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain… | |||
| CVE-2024-56536 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: cw1200: Fix potential NULL dereference A recent refactoring was identified by static analysis to cause a potential NULL der… | |||
| CVE-2024-56537 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_disp: layer may be null while releasing layer->info can be null if we have an error on the first layer in zynqm… | |||
| CVE-2024-56538 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by un… | |||
| CVE-2024-56547 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix missed RCU barrier on deoffloading Currently, running rcutorture test with torture_type=rcu fwd_progress=8 n_barrie… | |||
| CVE-2024-26765 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQ before init_fn() for nonboot CPUs Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order to … | |||
| CVE-2024-56545 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: streamline driver probe to avoid devres issues It was found that unloading 'hid_hyperv' module results in a devres c… | |||
| CVE-2024-56549 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object->file At present, the object->file has the NULL pointer dereference problem in… | |||
| CVE-2024-56557 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer The AD7923 was updated to support devices with 8 channels, but the… | |||
| CVE-2024-56550 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement arch_stack_walk_user_common() contains a return statement instead of a bre… | |||
| CVE-2024-56552 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc_submit: fix race around suspend_pending Currently in some testcases we can trigger: xe 0000:03:00.0: [drm] Assertion … | |||
| CVE-2024-56554 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binder_release_work() When a binder reference is cleaned up, any freeze work queued in the associated p… | |||
| CVE-2024-56556 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with the proc->inner… | |||
| CVE-2024-42008 | unknown | — | — | — | A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious … | |||
| CVE-2024-56572 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() The buffer in the loop should be released u… | |||
| CVE-2024-56574 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: ts2020: fix null-ptr-deref in ts2020_probe() KASAN reported a null-ptr-deref issue when executing the following command: … | |||
| CVE-2024-56560 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: slab: Fix too strict alignment check in create_cache() On m68k, where the minimum alignment of unsigned long is 2 bytes: Ker… | |||
| CVE-2024-56561 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pci_epc_destroy() pci_epc_destroy() invokes pci_bus_release_domain_nr() to release th… | |||
| CVE-2024-37385 | unknown | — | — | — | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via im_convert_path and im_identify_path. NOTE: this issue exists because of an incomplete fix for CVE-2020-1… | |||
| CVE-2024-56565 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ----------… | |||
| CVE-2024-37384 | unknown | — | — | — | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences. | |||
| CVE-2024-56567 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division b… | |||
| CVE-2024-56573 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and … |