Lucene search
K

13 matches found

OSV
OSV
added 2026/07/05 7:32 a.m.7 views

ROOT-OS-UBUNTU-2204-CVE-2024-42135 CVE-2024-42135 in rootio-linux - Patched by Root

Root has patched CVE-2024-42135 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS7.8AI score0.00227EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/07 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2024-0278)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00478EPSS
Exploits0References9
NVD
NVD
added 2024/07/30 8:15 a.m.26 views

CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

5.5CVSS0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/30 7:46 a.m.45 views

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

0.00227EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/30 7:46 a.m.14 views

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

6.8AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2024/07/30 7:46 a.m.14 views

CVE-2024-42135 vhost_task: Handle SIGKILL by flushing work and exiting

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

5.5CVSS6AI score0.00227EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/01/17 1:51 p.m.63 views

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...

7.8CVSS8.7AI score0.00663EPSS
Exploits5
Circl
Circl
added 2024/01/15 3:26 p.m.5 views

CVE-2023-42135

creationtimestamp| type| source ---|---|--- 2024-01-15 15:26:50+00:00| seen| https://t.me/ctinow/168402 2024-01-17 17:06:42+00:00| published-proof-of-concept| https://t.me/truesecator/5303 2024-01-18 15:27:35+00:00| seen| https://t.me/itsecnews/3996 2024-06-01 21:47:05+00:00| seen|...

6.8CVSS6.7AI score0.00591EPSS
Exploits1References4
CVE
CVE
added 2024/01/15 1:28 p.m.45 views

CVE-2023-42135

CVE-2023-42135 details (PAX A920Pro/A50) affect PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier on PAX Android POS devices. The vulnerability allows local code execution by bypassing input validation during flashing of a specific partition, via parameter injection in the flashing process....

6.8CVSS7AI score0.00591EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2021/10/11 7:23 a.m.6 views

CVE-2021-42135

creationtimestamp| type| source ---|---|--- 2021-10-11 07:23:27+00:00| seen| https://t.me/cibsecurity/30306...

8.1CVSS7.9AI score0.00755EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/11 2:52 a.m.52 views

CVE-2021-42135

HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. Users may, in some situations, have more privileges than intended, e.g., a user with read permission for the /gcp/roleset/ path may be abl...

8.1AI score0.00755EPSS
Exploits0References1
CVE
CVE
added 2021/10/11 2:52 a.m.87 views

CVE-2021-42135

CVE-2021-42135 affects HashiCorp Vault and Vault Enterprise 1.8.x–1.8.4, describing an unexpected interaction between glob-related policies and the Google Cloud secrets engine. The root cause is a policy-glob interaction that may grant more privileges than intended, e.g., a user with read access ...

8.1CVSS7.7AI score0.00755EPSS
Exploits0References1Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/10/07 8:55 p.m.7 views

Vault's Google Cloud Secrets Engine Policies With Globs May Provide Additional Privileges in Vault 1.8.0 Onwards

Summary The Google Cloud secrets engine in Vault or Vault Enterprise “Vault” 1.8.0 and above may provide users, under specific conditions, with more privileges than in prior versions. Due to changes in the underlying functionality of the Google Cloud secrets engine, policies that use globs may...

8.1CVSS6.9AI score0.00755EPSS
Exploits0
Rows per page
Query Builder