Lucene search

K

APC Easy UPS Online Monitoring Software (Windows 10, 11 Windows Server 2016, 2019, 2022) Security Vulnerabilities

osv
osv

CGA-8f64-fgpv-jxj2

Bulletin has no...

7.2AI Score

2024-06-20 11:34 AM
openbugbounty
openbugbounty

zagorod.spb.ru Cross Site Scripting vulnerability OBB-3936951

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:23 AM
1
openbugbounty
openbugbounty

wynnhamlyn.com Cross Site Scripting vulnerability OBB-3936949

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:20 AM
1
openbugbounty
openbugbounty

ville-roquefort-les-pins.fr Cross Site Scripting vulnerability OBB-3936944

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:18 AM
1
openbugbounty
openbugbounty

trp.lt Cross Site Scripting vulnerability OBB-3936941

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:17 AM
1
openbugbounty
openbugbounty

themusselburghgolfclub.com Cross Site Scripting vulnerability OBB-3936939

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:16 AM
1
nvd
nvd

CVE-2022-48715

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver.....

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48719

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work syzkaller was able to trigger a deadlock for NTF_MANAGED entries [0]: kworker/0:16/14617 is trying to acquire lock: ffffffff8d4dd370...

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format...

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2022-48723

In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphier_spi_probe() The issue happens in several error paths in uniphier_spi_probe(). When either dma_get_slave_caps() or devm_spi_register_master() returns an error code, the function...

6.6AI Score

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2022-48720

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEV_UNREGISTER event Current macsec netdev notify handler handles NETDEV_UNREGISTER event by releasing relevant SW resources only, this causes resources leak in case of macsec HW offload, as....

6.5AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48719

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work syzkaller was able to trigger a deadlock for NTF_MANAGED entries [0]: kworker/0:16/14617 is trying to acquire lock: ffffffff8d4dd370...

6.5AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chan_info array. So fix this. Without this, its possible that we....

6.5AI Score

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48717

In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_elem_write_user() ...

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chan_info array. So fix this. Without this, its possible that we....

EPSS

2024-06-20 11:15 AM
nvd
nvd

CVE-2022-48720

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEV_UNREGISTER event Current macsec netdev notify handler handles NETDEV_UNREGISTER event by releasing relevant SW resources only, this causes resources leak in case of macsec HW offload, as....

EPSS

2024-06-20 11:15 AM
nvd
nvd

CVE-2022-48723

In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphier_spi_probe() The issue happens in several error paths in uniphier_spi_probe(). When either dma_get_slave_caps() or devm_spi_register_master() returns an error code, the function...

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2022-48721

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may be some socket waitqueue entries remaining in smc socket->wq, such as eppoll_entries inserted by...

6.6AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48717

In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_elem_write_user() ...

6.5AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48715

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver.....

6.6AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48722

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structure upon error before.....

6.6AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format...

6.5AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled.....

6.6AI Score

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled.....

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48721

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may be some socket waitqueue entries remaining in smc socket->wq, such as eppoll_entries inserted by...

EPSS

2024-06-20 11:15 AM
nvd
nvd

CVE-2022-48722

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structure upon error before.....

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2022-48712

In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that. Also it cleans up...

6.7AI Score

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2021-47617

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot...

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2021-47617

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot...

6.4AI Score

EPSS

2024-06-20 11:15 AM
1
cve
cve

CVE-2022-48713

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel crash. Fixes a bug introduced by commit...

6.7AI Score

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

EPSS

2024-06-20 11:15 AM
cve
cve

CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. This patch verifies...

6.5AI Score

EPSS

2024-06-20 11:15 AM
2
nvd
nvd

CVE-2022-48712

In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that. Also it cleans up...

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. This patch verifies...

EPSS

2024-06-20 11:15 AM
2
cve
cve

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...

6.6AI Score

EPSS

2024-06-20 11:15 AM
1
nvd
nvd

CVE-2022-48713

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel crash. Fixes a bug introduced by commit...

EPSS

2024-06-20 11:15 AM
1
openbugbounty
openbugbounty

royeres87.fr Cross Site Scripting vulnerability OBB-3936935

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 11:14 AM
1
cvelist
cvelist

CVE-2022-48771 drm/vmwgfx: Fix stale file descriptors on failed usercopy

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables userland to refer to a.....

EPSS

2024-06-20 11:13 AM
1
cve
cve

CVE-2022-48771 drm/vmwgfx: Fix stale file descriptors on failed usercopy

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables userland to refer to a.....

7AI Score

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()

In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This is then used in __bpf_get_stack() to check for user mode, resulting in a kernel oops. Guard...

EPSS

2024-06-20 11:13 AM
1
cve
cve

CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()

In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This is then used in __bpf_get_stack() to check for user mode, resulting in a kernel oops. Guard...

6.8AI Score

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48769 efi: runtime: avoid EFIv2 runtime services on Apple x86 machines

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a call to...

EPSS

2024-06-20 11:13 AM
1
cve
cve

CVE-2022-48769 efi: runtime: avoid EFIv2 runtime services on Apple x86 machines

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a call to...

6.8AI Score

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48767 ceph: properly put ceph_string reference after async create attempt

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked. Ensure we put...

EPSS

2024-06-20 11:13 AM
cve
cve

CVE-2022-48767 ceph: properly put ceph_string reference after async create attempt

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked. Ensure we put...

7AI Score

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48768 tracing/histogram: Fix a potential memory leak for kstrdup()

In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via...

EPSS

2024-06-20 11:13 AM
cve
cve

CVE-2022-48768 tracing/histogram: Fix a potential memory leak for kstrdup()

In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via...

7AI Score

EPSS

2024-06-20 11:13 AM
cve
cve

CVE-2022-48766 drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU. Mirrors the logic for dcn30. Cue lots of WARNs and some kernel panics without this...

7.1AI Score

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48766 drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU. Mirrors the logic for dcn30. Cue lots of WARNs and some kernel panics without this...

EPSS

2024-06-20 11:13 AM
cvelist
cvelist

CVE-2022-48764 KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2} Free the "struct kvm_cpuid_entry2" array on successful post-KVM_RUN KVM_SET_CPUID{,2} to fix a memory leak, the callers of kvm_set_cpuid() free the array only....

EPSS

2024-06-20 11:13 AM
Total number of security vulnerabilities2139411