Show filters
335,178 Total Results
Displaying 171-180 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-21697
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows.
This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.
Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9
Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20
See the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sou…
0
Attacker Value
Unknown
CVE-2018-9346
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
0
Attacker Value
Unknown
CVE-2018-9345
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
0
Attacker Value
Unknown
CVE-2018-9344
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
0
Attacker Value
Unknown
CVE-2018-9341
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
0
Attacker Value
Unknown
CVE-2018-9340
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
0
Attacker Value
Unknown
CVE-2018-9339
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
0
Attacker Value
Unknown
CVE-2024-53088
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In the Linux kernel, the following vulnerability has been resolved:
i40e: fix race condition by adding filter's intermediate sync state
Fix a race condition in the i40e driver that leads to MAC/VLAN filters
becoming corrupted and leaking. Address the issue that occurs under
heavy load when multiple threads are concurrently modifying MAC/VLAN
filters by setting mac and port VLAN.
1. Thread T0 allocates a filter in i40e_add_filter() within
i40e_ndo_set_vf_port_vlan().
2. Thread T1 concurrently frees the filter in __i40e_del_filter() within
i40e_ndo_set_vf_mac().
3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which
refers to the already freed filter memory, causing corruption.
Reproduction steps:
1. Spawn multiple VFs.
2. Apply a concurrent heavy load by running parallel operations to change
MAC addresses on the VFs and change port VLANs on the host.
3. Observe errors in dmesg:
"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,
…
0
Attacker Value
Unknown
CVE-2024-53087
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix possible exec queue leak in exec IOCTL
In a couple of places after an exec queue is looked up the exec IOCTL
returns on input errors without dropping the exec queue ref. Fix this
ensuring the exec queue ref is dropped on input error.
(cherry picked from commit 07064a200b40ac2195cb6b7b779897d9377e5e6f)
0
Attacker Value
Unknown
CVE-2024-53086
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL
Upon failure all locks need to be dropped before returning to the user.
(cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095)
0