Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-06 CVE-2024-51727 Premature Release of Resource During Expected Lifetime vulnerability in Ruijienetworks Reyee OS
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contain a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account.
network
low complexity
ruijienetworks CWE-826
7.5
2024-12-06 CVE-2024-53141 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt. When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped.
local
low complexity
linux
7.8
2024-12-06 CVE-2024-53142 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun. The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data ... Field name: c_namesize; Field size: 8 bytes; Meaning: Length of filename, including final \0. When extracting an initramfs cpio archive, the kernel's do_name() path handler assumes a zero-terminated path at @collected, passing it directly to filp_open() / init_mkdir() / init_mknod(). If a specially crafted cpio entry carries a non-zero-terminated filename and is followed by uninitialized memory, then a file may be created with trailing characters that represent the uninitialized memory.
local
low complexity
linux CWE-787
7.8
2024-12-05 CVE-2024-30961 Unspecified vulnerability in Openrobotics Robot Operating System 2
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2_bt_navigator.
local
low complexity
openrobotics
7.8
2024-12-05 CVE-2024-30962 Classic Buffer Overflow vulnerability in Openrobotics Robot Operating System 2
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process.
local
low complexity
openrobotics CWE-120
7.8
2024-12-05 CVE-2024-11156 Out-of-bounds Write vulnerability in Rockwellautomation Arena
An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file.
local
low complexity
rockwellautomation CWE-787
7.8
2024-12-05 CVE-2024-12130 Out-of-bounds Read vulnerability in Rockwellautomation Arena
An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of allocated memory.
local
low complexity
rockwellautomation CWE-125
7.8
2024-12-05 CVE-2018-9402 Out-of-bounds Write vulnerability in Google Android
In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2024-12-05 CVE-2024-12185 Out-of-bounds Write vulnerability in Code-Projects Hotel Management System 1.0
A vulnerability has been found in code-projects Hotel Management System 1.0 and classified as problematic.
local
low complexity
code-projects CWE-787
7.8
2024-12-05 CVE-2024-12186 Out-of-bounds Write vulnerability in Code-Projects Hotel Management System 1.0
A vulnerability was found in code-projects Hotel Management System 1.0 and classified as problematic.
local
low complexity
code-projects CWE-787
7.8