Lucene search

K

BIG-IP AFM & PEM Security Vulnerabilities

ubuntucve
ubuntucve

CVE-2021-47340

In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear: struct inode ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap imap = JFS_IP(ipimap)->i_imap; JFS_...

6.5AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
ubuntucve
ubuntucve

CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not...

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
nessus
nessus

F5 Networks BIG-IP : Linux kernel usbmon vulnerability (K000139700)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139700 advisory. drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space...

6.7CVSS

7AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
f5
f5

K000139691: Python vulnerabilities CVE-2022-48565, CVE-2018-1000802 and CVE-2016-9063

Security Advisory Description CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2018-1000802 Python Software Foundation Python (CPython)...

8.4AI Score

0.01EPSS

2024-05-21 12:00 AM
17
nessus
nessus

F5 Networks BIG-IP : VPN TunnelVision vulnerability (K000139553)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139553 advisory. By design, the DHCP protocol does not authenticate messages, including for example the classless static route...

7.6CVSS

7.7AI Score

0.0005EPSS

2024-05-21 12:00 AM
3
ubuntucve
ubuntucve

CVE-2021-47266

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
1
f5
f5

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into...

7AI Score

0.0005EPSS

2024-05-21 12:00 AM
6
redhatcve
redhatcve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.6AI Score

0.0004EPSS

2024-05-20 05:10 PM
4
redhatcve
redhatcve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.5AI Score

0.0004EPSS

2024-05-20 04:23 PM
2
githubexploit
githubexploit

Exploit for OS Command Injection in Fortinet Fortisiem

CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order...

10CVSS

8.1AI Score

0.001EPSS

2024-05-20 02:34 PM
202
redhatcve
redhatcve

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-20 02:20 PM
1
redhatcve
redhatcve

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-20 02:20 PM
2
githubexploit
githubexploit

Exploit for Improper Restriction of Excessive Authentication Attempts in Netgate Pfsense Plus

[CVE-2023-27100 - pfSense Anti-brute force protection bypass]...

9.8CVSS

7.3AI Score

0.002EPSS

2024-05-20 01:35 PM
109
redhatcve
redhatcve

CVE-2024-35903

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.6AI Score

0.0004EPSS

2024-05-20 11:44 AM
7
nvd
nvd

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.4AI Score

0.0004EPSS

2024-05-20 10:15 AM
3
cve
cve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 10:15 AM
28
debiancve
debiancve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 10:15 AM
2
cvelist
cvelist

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.4AI Score

0.0004EPSS

2024-05-20 09:42 AM
vulnrichment
vulnrichment

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.8AI Score

0.0004EPSS

2024-05-20 09:42 AM
malwarebytes
malwarebytes

A week in security (May 13 – May 19)

Last week on Malwarebytes Labs: Deleted iPhone photos show up again after iOS update Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it Notorious data leak site BreachForums seized by law enforcement Apple and Google join forces to stop unwanted tracking...

6.9AI Score

2024-05-20 07:04 AM
7
githubexploit
githubexploit

Exploit for CVE-2024-22120

CVE-2024-22120 ToolKit Affected Version/s ``` 6.0.0 -...

9.1CVSS

6.9AI Score

0.0004EPSS

2024-05-20 03:29 AM
295
githubexploit
githubexploit

Exploit for CVE-2024-20356

CVE-2024-20356 This is a proof of concept for CVE-2024-20356,...

7.7AI Score

2024-05-20 12:57 AM
104
f5
f5

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. (CVE-2024-21508) Impact There is no impact; F5 products are not...

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
nessus
nessus

F5 Networks BIG-IP : Python vulnerabilities (K000139698)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139698 advisory. Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x...

7.5CVSS

8AI Score

0.028EPSS

2024-05-20 12:00 AM
2
nessus
nessus

F5 Networks BIG-IP : Speculative race conditions vulnerabilities (K000139682)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139682 advisory. A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting ...

5.5CVSS

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
1
f5
f5

K000139682: Speculative race conditions vulnerabilities CVE-2024-2193 and CVE-2024-26602

Security Advisory Description CVE-2024-2193 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data...

5.5AI Score

0.0004EPSS

2024-05-20 12:00 AM
10
nessus
nessus

F5 Networks BIG-IP : Python vulnerabilities (K000139691)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139691 advisory. An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer ...

9.8CVSS

8.2AI Score

0.01EPSS

2024-05-20 12:00 AM
2
f5
f5

K000139678: MySQL Server vulnerability CVE-2024-21055

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

6AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
f5
f5

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569) Impact...

6.3AI Score

0.0004EPSS

2024-05-20 12:00 AM
5
ubuntucve
ubuntucve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 12:00 AM
6
f5
f5

K000139692: Websense vulnerabilities CVE-2006-2035 and CVE-2010-5144

Security Advisory Description CVE-2006-2035 Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. CVE-2010-5144 The ISAPI Filter plug-in in Websense...

7.1AI Score

0.002EPSS

2024-05-20 12:00 AM
3
debiancve
debiancve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

7.1AI Score

0.0004EPSS

2024-05-19 11:15 AM
3
nvd
nvd

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.5AI Score

0.0004EPSS

2024-05-19 11:15 AM
cve
cve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.7AI Score

0.0004EPSS

2024-05-19 11:15 AM
27
nvd
nvd

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-19 11:15 AM
cve
cve

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.7AI Score

0.0004EPSS

2024-05-19 11:15 AM
29
cve
cve

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.7AI Score

0.0004EPSS

2024-05-19 11:15 AM
27
nvd
nvd

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-19 11:15 AM
debiancve
debiancve

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an...

7AI Score

0.0004EPSS

2024-05-19 11:15 AM
4
debiancve
debiancve

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an...

7AI Score

0.0004EPSS

2024-05-19 11:15 AM
7
cvelist
cvelist

CVE-2024-35942 pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.5AI Score

0.0004EPSS

2024-05-19 10:10 AM
vulnrichment
vulnrichment

CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.8AI Score

0.0004EPSS

2024-05-19 10:10 AM
1
cvelist
cvelist

CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.4AI Score

0.0004EPSS

2024-05-19 10:10 AM
cvelist
cvelist

CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.4AI Score

0.0004EPSS

2024-05-19 10:10 AM
1
vulnrichment
vulnrichment

CVE-2024-35919 media: mediatek: vcodec: adding lock to protect encoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

7.2AI Score

0.0004EPSS

2024-05-19 10:10 AM
nvd
nvd

CVE-2024-35903

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.5AI Score

0.0004EPSS

2024-05-19 09:15 AM
cve
cve

CVE-2024-35903

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.7AI Score

0.0004EPSS

2024-05-19 09:15 AM
27
debiancve
debiancve

CVE-2024-35903

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

7.1AI Score

0.0004EPSS

2024-05-19 09:15 AM
5
cvelist
cvelist

CVE-2024-35903 x86/bpf: Fix IP after emitting call depth accounting

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.5AI Score

0.0004EPSS

2024-05-19 08:34 AM
vulnrichment
vulnrichment

CVE-2024-35903 x86/bpf: Fix IP after emitting call depth accounting

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.9AI Score

0.0004EPSS

2024-05-19 08:34 AM
Total number of security vulnerabilities70509