Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-06 | CVE-2024-51727 | Premature Release of Resource During Expected Lifetime vulnerability in Ruijienetworks Reyee OS Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account. | 7.5 |
2024-12-06 | CVE-2024-53141 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. | 7.8 |
2024-12-06 | CVE-2024-53142 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data ... 55 ============= ================== ========================= 56 Field name Field size Meaning 57 ============= ================== ========================= ... 70 c_namesize 8 bytes Length of filename, including final \0 When extracting an initramfs cpio archive, the kernel's do_name() path handler assumes a zero-terminated path at @collected, passing it directly to filp_open() / init_mkdir() / init_mknod(). If a specially crafted cpio entry carries a non-zero-terminated filename and is followed by uninitialized memory, then a file may be created with trailing characters that represent the uninitialized memory. | 7.8 |
2024-12-05 | CVE-2024-30961 | Unspecified vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2_bt_navigator. | 7.8 |
2024-12-05 | CVE-2024-30962 | Classic Buffer Overflow vulnerability in Openrobotics Robot Operating System 2 Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process | 7.8 |
2024-12-05 | CVE-2024-11156 | Out-of-bounds Write vulnerability in Rockwellautomation Arena An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.8 |
2024-12-05 | CVE-2024-12130 | Out-of-bounds Read vulnerability in Rockwellautomation Arena An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. | 7.8 |
2024-12-05 | CVE-2018-9402 | Out-of-bounds Write vulnerability in Google Android In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. | 7.8 |
2024-12-05 | CVE-2024-12185 | Out-of-bounds Write vulnerability in Code-Projects Hotel Management System 1.0 A vulnerability has been found in code-projects Hotel Management System 1.0 and classified as problematic. | 7.8 |
2024-12-05 | CVE-2024-12186 | Out-of-bounds Write vulnerability in Code-Projects Hotel Management System 1.0 A vulnerability was found in code-projects Hotel Management System 1.0 and classified as problematic. | 7.8 |