Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 28988 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-47051 1 Linux 1 Linux Kernel 2024-12-09 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. Fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2023-52387 1 Huawei 2 Emui, Harmonyos 2024-12-09 N/A 7.5 HIGH
Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42156 1 Linux 1 Linux Kernel 2024-12-09 N/A 4.1 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.
CVE-2023-29931 1 Laravels Project 1 Laravels 2024-12-06 N/A 9.8 CRITICAL
laravel-s 3.7.35 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.
CVE-2022-45287 1 Temenos 1 Cwx 2024-12-06 N/A 8.8 HIGH
An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administrative commands.
CVE-2020-36782 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2020-36778 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2020-36784 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_sync will increment pm usage counter even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2020-36783 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2020-36781 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pm_runtime_get_sync fails In i2c_imx_xfer() and i2c_imx_remove(), the pm reference count is not expected to be incremented on return. However, pm_runtime_get_sync will increment pm reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2020-36779 1 Linux 1 Linux Kernel 2024-12-06 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in these stm32f7_i2c_xx serious functions. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
CVE-2024-49580 1 Jetbrains 1 Ktor 2024-12-06 N/A 5.3 MEDIUM
In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure
CVE-2021-31635 1 Jfinal 1 Jfinal 2024-12-05 N/A 9.8 CRITICAL
Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function.
CVE-2023-36664 3 Artifex, Debian, Fedoraproject 3 Ghostscript, Debian Linux, Fedora 2024-12-05 N/A 7.8 HIGH
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
CVE-2023-34672 1 Elenos 2 Etg150, Etg150 Firmware 2024-12-05 N/A 8.8 HIGH
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases.
CVE-2021-30205 1 Dzzoffice 1 Dzzoffice 2024-12-05 N/A 5.3 MEDIUM
Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames.
CVE-2023-32553 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-12-04 N/A 5.3 MEDIUM
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552.
CVE-2023-32552 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-12-04 N/A 5.3 MEDIUM
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553
CVE-2023-32528 1 Trendmicro 1 Mobile Security 2024-12-04 N/A 8.8 HIGH
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527.
CVE-2023-32527 1 Trendmicro 1 Mobile Security 2024-12-04 N/A 8.8 HIGH
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528.