NVD

Icon for New NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2024-11392 - Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interact... read CVE-2024-11392
Published: November 22, 2024; 5:15:06 PM -0500

V3.1: 8.8 HIGH
CVE-2024-11393 - Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User int... read CVE-2024-11393
Published: November 22, 2024; 5:15:07 PM -0500

V3.1: 8.8 HIGH
CVE-2024-11394 - Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interacti... read CVE-2024-11394
Published: November 22, 2024; 5:15:07 PM -0500

V3.1: 8.8 HIGH
CVE-2024-50187 - In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in `... read CVE-2024-50187
Published: November 08, 2024; 1:15:15 AM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50303 - In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walk_system_ram_res_rev must retain resource flags walk_system_ram_res_rev() erroneously discards resource flags when passing the information to the callback. T... read CVE-2024-50303
Published: November 19, 2024; 1:15:22 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50304 - In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from ... read CVE-2024-50304
Published: November 19, 2024; 1:15:22 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53042 - In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called without holding the RCU read lock, resulting in... read CVE-2024-53042
Published: November 19, 2024; 1:15:24 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53046 - In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherw... read CVE-2024-53046
Published: November 19, 2024; 1:15:24 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53047 - In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcu_read_lock Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT creates this splat when an MPTCP socket is created: =======... read CVE-2024-53047
Published: November 19, 2024; 1:15:25 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53048 - In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Intel provides the reference design, but it is up to vendor on the... read CVE-2024-53048
Published: November 19, 2024; 1:15:25 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50173 - In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previousl... read CVE-2024-50173
Published: November 08, 2024; 1:15:14 AM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50174 - In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously... read CVE-2024-50174
Published: November 08, 2024; 1:15:14 AM -0500

V3.1: 4.7 MEDIUM
CVE-2024-50175 - In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different... read CVE-2024-50175
Published: November 08, 2024; 1:15:14 AM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50176 - In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should ... read CVE-2024-50176
Published: November 08, 2024; 1:15:15 AM -0500

V3.1: 5.5 MEDIUM
CVE-2024-50178 - In the Linux kernel, the following vulnerability has been resolved: cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() Use raw_smp_processor_id() instead of plain smp_processor_id() in do_service_request(), otherwise we may g... read CVE-2024-50178
Published: November 08, 2024; 1:15:15 AM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53083 - In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len and txbuf_len are uninitialized. This commit stop... read CVE-2024-53083
Published: November 19, 2024; 1:15:27 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53087 - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns on input errors without dropping the exec queue ... read CVE-2024-53087
Published: November 19, 2024; 1:15:27 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53086 - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. (cherry picked from commit 7... read CVE-2024-53086
Published: November 19, 2024; 1:15:27 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53085 - In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to ... read CVE-2024-53085
Published: November 19, 2024; 1:15:27 PM -0500

V3.1: 5.5 MEDIUM
CVE-2024-53084 - In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due ... read CVE-2024-53084
Published: November 19, 2024; 1:15:27 PM -0500

V3.1: 5.5 MEDIUM

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: