VulDB Recent Entries

A vulnerability has been found in zephyrproject-rtos Zephyr up to 3.6 and classified as critical. This vulnerability affects the function rfcomm_handle_data of the component BT. The manipulation of the argument net_buf leads to heap-based buffer overflow. This vulnerability was named CVE-2024-6258. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as problematic, was found in zephyrproject-rtos Zephyr up to 3.6. This affects an unknown part of the component BT. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2024-5754. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in zephyrproject-rtos Zephyr up to 3.6. Affected by this issue is the function adv_ext_report of the component HCI. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-6259. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical was found in Google Android. Affected by this vulnerability is the function ppmp_protect_mfcfw_buf of the file code/drm_fw.c. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-44095. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Google Android. Affected is the function ppmp_protect_mfcfw_buf of the file code/drm_fw.c. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2024-44094. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android. It has been rated as critical. This issue affects the function ppmp_unprotect_buf of the file drm/code/drm_fw.c. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-44093. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-44096. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android. It has been classified as problematic. This affects an unknown part. The manipulation leads to active debug code. This vulnerability is uniquely identified as CVE-2024-44092. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Google Android and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to Local Privilege Escalation. This vulnerability is handled as CVE-2024-29779. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Red Hat Discovery, Storage and Update Infrastructure for Cloud Providers and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Ansible Vault File Handler. The manipulation leads to sensitive information in log files. This vulnerability is known as CVE-2024-8775. Attacking locally is a requirement. There is no exploit available.

A vulnerability, which was classified as critical, was found in Best Free Law Office Management Software 1.0. Affected is an unknown function of the file kortex_lite/control/register_case.php. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-44430. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in WP Booking System Plugin up to 2.0.19.8 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-8797. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Lenovo 10w Laptop BIOS, L390 Laptops BIOS and L390 Yoga Laptops BIOS. This vulnerability affects unknown code of the component UEFI Shell. The manipulation leads to active debug code. This vulnerability was named CVE-2024-7756. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Lenovo 100w Gen 3 Laptop BIOS, 100w Gen 4 Laptop BIOS, 13w Yoga Laptop BIOS, 13w Yoga Gen 2 (Type 82YR, 82YS) Laptop BIOS, 14W Gen 2 Laptop BIOS, 300w Gen 3 Laptop BIOS, 300w Yoga Gen 4 Laptop BIOS, 500w Yoga Gen 4 Laptop BIOS, Flex 5-14ITL05 Laptop (ideapad) BIOS, Flex 5-15ITL05 Laptop (ideapad) BIOS, IdeaPad 1 14ALC7 Laptop BIOS, IdeaPad 1 15ALC7 Laptop BIOS, IdeaPad 1-11IGL05 Laptop BIOS, IdeaPad 1-14IGL05 Laptop BIOS, IdeaPad 3 14ABA7 Laptop BIOS, IdeaPad 3 15ABA7 Laptop BIOS, IdeaPad 3 17ABA7 Laptop BIOS, IdeaPad 3-14ALC6 Laptop BIOS, IdeaPad 3-15ALC6 Laptop BIOS, IdeaPad 3-17ALC6 Laptop BIOS, ideapad 5-15ALC05 Laptop BIOS, IdeaPad Flex 5 14ABR8 BIOS, IdeaPad Flex 5 14ALC7 Laptop BIOS, IdeaPad Flex 5 14IAU7 Laptop BIOS, IdeaPad Flex 5 14IRU8 BIOS, IdeaPad Flex 5 16ABR8 BIOS, IdeaPad Flex 5 16ALC7 BIOS, IdeaPad Flex 5 16IAU7 BIOS, IdeaPad Flex 5 16IRU8 BIOS, IdeaPad Slim 3 14ABR8 BIOS, IdeaPad Slim 3 14AMN8 BIOS, IdeaPad Slim 3 15ABR8 BIOS, IdeaPad Slim 3 15AMN8 BIOS, IdeaPad Slim 3 16ABR8 BIOS, IdeaPad Slim 5 Light 14ABR8 BIOS, K14 G2 IRU BIOS, Flex 7 14IAU7 BIOS, Flex 7 14IRU8 BIOS, V14 G3 ABA Laptop BIOS, V14 G4 ABP BIOS, V14 G4 AMN BIOS, V15 G3 ABA Laptop BIOS, V15 G4 ABP BIOS, V15 G4 AMN BIOS, ThinkBook 13s G4 ARB BIOS, ThinkBook 13s G4 IAP BIOS, ThinkBook 13x G2 IAP Laptop BIOS, ThinkBook 14 G6 ABP BIOS, ThinkBook 14 G6 IRL BIOS, ThinkBook 16 G6 ABP BIOS, ThinkBook 16 G6 IRL BIOS, V14 G2-ALC Laptop BIOS, V15 G2-ALC Laptop BIOS, Yoga Slim 7 Pro-14ACH5 Laptop BIOS and Yoga Slim 7 Pro-14ACH5 O Laptop BIOS. This affects an unknown part. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-3100. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Lenovo HX5530 Appliance XCC, HX7530 Appliance XCC, ST250 V3 XCC, VX3331 Certified Node XCC, HX Enclosure Certified Node XCC, HX1021 Edge Certified Node 3yr XCC, HX1320 Appliance XCC, HX1321 Certified Node XCC, HX1331 Certified Node XCC, HX1520-R Appliance XCC, HX1521-R Certified Node XCC, HX2320-E Appliance XCC, HX2321 Certified Node XCC, HX2330 Appliance XCC, HX2331 Certified Node XCC, HX2720-E Appliance XCC, HX3320 Appliance XCC, HX3321 Certified Node XCC, HX3330 Appliance XCC, HX3331 Certified Node XCC, HX3331 Node SAP HANA XCC, HX3375 Appliance XCC, HX3376 Certified Node XCC, HX3520-G Appliance XCC, HX3521-G Certified Node XCC, HX3720 Appliance XCC, HX3721 Certified Node XCC, HX5520 Appliance XCC, HX5520-C Appliance XCC, HX5521 Certified Node XCC, HX5521-C Certified Node XCC, HX5531 Certified Node XCC, HX7520 Appliance XCC, HX7521 Certified Node XCC, HX7530 Appl for SAP HANA XCC, HX7531 Certified Node XCC, HX7531 Node SAP HANA XCC, HX7820 Appliance XCC, HX7821 Certified Node XCC, MX Edge Appliance - MX1020 XCC, MX3330-F All-flash Appliance XCC and MX3330-. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IPMI Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2024-8059. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Lenovo XClarity Administrator up to 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Web API Call. The manipulation leads to improper ownership management. This vulnerability is known as CVE-2024-45104. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Lenovo XClarity Administrator up to 4.0. It has been classified as problematic. Affected is an unknown function of the component Web Interface. The manipulation leads to improper ownership management. This vulnerability is traded as CVE-2024-45103. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Bitwarden Vaultwarden 1.30.3 and classified as problematic. This issue affects some unknown processing of the component Content Security Policy Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-39926. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Lenovo P360 Workstation BIOS, ST50 BIOS, ST50 V2 BIOS, ST58 BIOS and ST58 V2 BIOS and classified as critical. This vulnerability affects unknown code. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-4550. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as critical, was found in Lenovo HX5530 Appliance XCC, HX7530 Appliance XCC, ST250 V3 XCC, VX3331 Certified Node XCC, HX Enclosure Certified Node XCC, HX1021 Edge Certified Node 3yr XCC, HX1320 Appliance XCC, HX1321 Certified Node XCC, HX1331 Certified Node XCC, HX1520-R Appliance XCC, HX1521-R Certified Node XCC, HX2320-E Appliance XCC, HX2321 Certified Node XCC, HX2330 Appliance XCC, HX2331 Certified Node XCC, HX2720-E Appliance XCC, HX3320 Appliance XCC, HX3321 Certified Node XCC, HX3330 Appliance XCC, HX3331 Certified Node XCC, HX3331 Node SAP HANA XCC, HX3375 Appliance XCC, HX3376 Certified Node XCC, HX3520-G Appliance XCC, HX3521-G Certified Node XCC, HX3720 Appliance XCC, HX3721 Certified Node XCC, HX5520 Appliance XCC, HX5520-C Appliance XCC, HX5521 Certified Node XCC, HX5521-C Certified Node XCC, HX5531 Certified Node XCC, HX7520 Appliance XCC, HX7521 Certified Node XCC, HX7530 Appl for SAP HANA XCC, HX7531 Certified Node XCC, HX7531 Node SAP HANA XCC, HX7820 Appliance XCC, HX7821 Certified Node XCC, MX Edge Appliance - MX1020 XCC, MX3330-F All-flash Appliance XCC and MX3330-. This affects an unknown part of the component System Management Mode. The manipulation leads to expired pointer dereference. This vulnerability is uniquely identified as CVE-2024-45105. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.