CVE-2023-52610 net/sched: act_ct: fix skb leak and crash on ooo frags
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not straightforwar...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.4AI Score
0.0004EPSS
CVE-2021-47126 ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.7AI Score
0.0004EPSS
CVE-2021-47126 ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: python-fastapi-0.99.0-7.fc38
FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go (thanks to Starlette and Pydantic). One of the...
7.4AI Score
[SECURITY] Fedora 39 Update: python-fastapi-0.103.0-10.fc39
FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go (thanks to Starlette and Pydantic). One of the...
7.4AI Score
Fedora: Security Advisory for jflex (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jflex-1.7.0-18.fc40
JFlex is a lexical analyzer generator (also known as scanner generator) for Java, written in Java. It is also a rewrite of the very useful tool JLex which was developed by Elliot Berk at Princeton University. As Vern Paxson states for his C/C++ tool flex: They do not share any code though. ...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jctools-4.0.2-3.fc40
This project aims to offer some concurrent data structures currently missing from the JDK: SPSC/MPSC/SPMC/MPMC Bounded lock free queues; SPSC/MPSC Unbounded lock free queues; Alternative interfaces for queues; Offheap...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jakarta-interceptors-2.0.0-12.fc40
Jakarta Interceptors defines a means of interposing on business method invocations and specific events, such as lifecycle events and timeout events, that occur on instances of Jakarta EE components and other managed...
6.9AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: guava-32.1.3-5.fc40
Guava is a suite of core and expanded libraries that include utility classes, Google's collections, io classes, and much much more. This project is a complete packaging of all the Guava libraries into a single jar. Individual portions of Guava can be used by downloading.....
6.8AI Score
0.0004EPSS
CentOS: Security Advisory for bind (CESA-2023:5691)
The remote host is missing an update for...
7.5CVSS
7.9AI Score
0.002EPSS
[SECURITY] Fedora 38 Update: bind-9.18.24-1.fc38
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5CVSS
7.2AI Score
0.05EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6669-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6669-1 advisory. An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash....
8.8CVSS
8.3AI Score
0.001EPSS
Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
8.8CVSS
9.1AI Score
0.001EPSS
openSUSE: Security Advisory for exim (openSUSE-SU-2024:0007-1)
The remote host is missing an update for...
7.5CVSS
6.9AI Score
0.007EPSS
Fedora: Security Advisory for bind (FEDORA-2024-fae88b73eb)
The remote host is missing an update for...
7.5CVSS
8AI Score
0.05EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.9AI Score
0.0004EPSS
CVE-2021-47080 RDMA/core: Prevent divide-by-zero error triggered by the user
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.5AI Score
0.0004EPSS
CVE-2021-47080 RDMA/core: Prevent divide-by-zero error triggered by the user
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.7AI Score
0.0004EPSS
bd-products.com Cross Site Scripting vulnerability OBB-3861887
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
[SECURITY] Fedora 39 Update: bind9-next-9.19.21-1.fc39
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5CVSS
7.7AI Score
0.05EPSS
[SECURITY] Fedora 38 Update: bind9-next-9.19.21-1.fc38
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5CVSS
7.7AI Score
0.05EPSS
Fedora: Security Advisory for bind9-next (FEDORA-2024-499b9be35f)
The remote host is missing an update for...
7.5CVSS
8AI Score
0.05EPSS
Fedora: Security Advisory for bind9-next (FEDORA-2024-c36c448396)
The remote host is missing an update for...
7.5CVSS
8AI Score
0.05EPSS
bd-best.com Cross Site Scripting vulnerability OBB-3857129
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Fedora: Security Advisory for bind (FEDORA-2024-21310568fa)
The remote host is missing an update for...
7.5CVSS
8AI Score
0.05EPSS
[SECURITY] Fedora 39 Update: bind-9.18.24-1.fc39
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5CVSS
7.2AI Score
0.05EPSS
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed...
7.5CVSS
7.5AI Score
0.0004EPSS
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed...
7.5CVSS
7.6AI Score
0.0004EPSS
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed...
7.5CVSS
7.1AI Score
0.0004EPSS
CVE-2024-23308 BIG-IP Advanced WAF and ASM vulnerability
When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed...
7.5CVSS
7.7AI Score
0.0004EPSS
bd-products.com Cross Site Scripting vulnerability OBB-3852498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K000137416)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137416 advisory. When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server,...
7.5CVSS
7.8AI Score
0.0004EPSS
K000137270 : BIG-IP Advanced WAF and BIG-IP ASM and vulnerability CVE-2024-21789
Security Advisory Description When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. (CVE-2024-21789) Impact System performance can degrade until the bd process is either forced to restart or is...
7.5CVSS
7.3AI Score
0.0004EPSS
K000137416 : BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-23308
Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based...
7.5CVSS
7.2AI Score
0.0004EPSS