CVE ID : CVE-2024-40672 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In onCreate of ChooserActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

CVE ID : CVE-2024-40677 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

CVE ID : CVE-2024-40669 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity:…

CVE ID : CVE-2024-40670 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity:…

CVE ID : CVE-2024-40649 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not…

CVE ID : CVE-2024-40651 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not…

CVE ID : CVE-2024-34733 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed…

CVE ID : CVE-2024-34748 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Severity:…

CVE ID : CVE-2025-22217 Published : Jan. 28, 2025, 7:15 p.m. | 12 hours, 44 minutes ago Description : Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.  A malicious user with network access may be able to use…

CVE ID : CVE-2024-34732 Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago Description : In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed…