Lucene search

K

KB Support – WordPress Help Desk And Knowledge Base Security Vulnerabilities

cvelist
cvelist

CVE-2024-0171

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...

5.3CVSS

EPSS

2024-06-25 03:30 PM
vulnrichment
vulnrichment

CVE-2024-0171

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...

5.3CVSS

7AI Score

EPSS

2024-06-25 03:30 PM
ibm
ibm

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2024-37532

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the...

8.8CVSS

6.7AI Score

0.0004EPSS

2024-06-25 03:26 PM
2
openbugbounty
openbugbounty

openprocurement.al Cross Site Scripting vulnerability OBB-3938553

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 03:21 PM
3
openbugbounty
openbugbounty

fufarma.al Cross Site Scripting vulnerability OBB-3938552

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 03:16 PM
3
debiancve
debiancve

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot...

6.5AI Score

EPSS

2024-06-25 03:15 PM
2
nvd
nvd

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be.....

6.5AI Score

EPSS

2024-06-25 03:15 PM
4
nvd
nvd

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be.....

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...

6.9AI Score

EPSS

2024-06-25 03:15 PM
3
debiancve
debiancve

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...

6.6AI Score

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39464

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but only waiting_list and done_list are initialized. notifier_entry was kept 'zeroed' leading to an uninitialized list_head.....

EPSS

2024-06-25 03:15 PM
1
cve
cve

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

6.8AI Score

EPSS

2024-06-25 03:15 PM
4
debiancve
debiancve

CVE-2024-39371

In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to...

6.5AI Score

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags:...

6.5AI Score

EPSS

2024-06-25 03:15 PM
1
nvd
nvd

CVE-2024-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags:...

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). Here are the relevant functions being called: bonding_exit() ...

7AI Score

EPSS

2024-06-25 03:15 PM
4
cve
cve

CVE-2024-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags:...

7AI Score

EPSS

2024-06-25 03:15 PM
3
debiancve
debiancve

CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). Here are the relevant functions being called: bonding_exit() ...

6.7AI Score

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-39464

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but only waiting_list and done_list are initialized. notifier_entry was kept 'zeroed' leading to an uninitialized...

6.7AI Score

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39464

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but only waiting_list and done_list are initialized. notifier_entry was kept 'zeroed' leading to an uninitialized list_head.....

7.1AI Score

EPSS

2024-06-25 03:15 PM
2
debiancve
debiancve

CVE-2024-39301

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9_client_rpc() Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline] BUG: KMSAN: uninit-value in...

6.6AI Score

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). Here are the relevant functions being called: bonding_exit() ...

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39371

In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to...

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39301

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9_client_rpc() Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline] BUG: KMSAN: uninit-value in...

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

6.5AI Score

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39301

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9_client_rpc() Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline] BUG: KMSAN: uninit-value in...

7AI Score

EPSS

2024-06-25 03:15 PM
3
cve
cve

CVE-2024-39371

In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to...

6.5AI Score

EPSS

2024-06-25 03:15 PM
3
nvd
nvd

CVE-2024-39293

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-38385

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means the.....

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-38385

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means the.....

6.6AI Score

EPSS

2024-06-25 03:15 PM
4
cve
cve

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

6.8AI Score

EPSS

2024-06-25 03:15 PM
4
cve
cve

CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state in...

7.2AI Score

EPSS

2024-06-25 03:15 PM
3
cve
cve

CVE-2024-39293

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...

6.8AI Score

EPSS

2024-06-25 03:15 PM
4
debiancve
debiancve

CVE-2024-39276

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419...

6.5AI Score

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-39276

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290....

6.9AI Score

EPSS

2024-06-25 03:15 PM
3
debiancve
debiancve

CVE-2024-38385

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means...

6.6AI Score

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state in...

EPSS

2024-06-25 03:15 PM
nvd
nvd

CVE-2024-39276

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290....

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108...

6.4AI Score

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-39293

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...

6.4AI Score

EPSS

2024-06-25 03:15 PM
debiancve
debiancve

CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state...

6.9AI Score

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management...

6.8CVSS

7.4AI Score

EPSS

2024-06-25 03:15 PM
2
cve
cve

CVE-2024-37086

VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the...

6.8CVSS

6.7AI Score

EPSS

2024-06-25 03:15 PM
2
nvd
nvd

CVE-2024-37087

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service...

5.3CVSS

EPSS

2024-06-25 03:15 PM
1
nvd
nvd

CVE-2024-37086

VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the...

6.8CVSS

EPSS

2024-06-25 03:15 PM
cve
cve

CVE-2024-37087

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service...

5.3CVSS

6.9AI Score

EPSS

2024-06-25 03:15 PM
2
nvd
nvd

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management...

6.8CVSS

EPSS

2024-06-25 03:15 PM
6
Total number of security vulnerabilities2863951