
7653 matches found

Tenable Nessus
added 2024/10/25 12:0 a.m. | 27 views

RockyLinux 9 : webkit2gtk3 (RLSA-2024:8180)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8180 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web content...

CVSS 9.8 | AI score 7.4 | EPSS 0.01135
Exploits: 0 | References: 23

SUSE CVE
added 2024/10/22 2:23 p.m. | 5 views

SUSE CVE-2022-48967

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 size 18 This...

CVSS 7.3 | AI score 6.5 | EPSS 0.00236
Exploits: 0 | References: 14

RedhatCVE
added 2024/10/22 11:8 a.m. | 20 views

CVE-2022-48967

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 size 18 This...

CVSS 7.1 | AI score 6.9 | EPSS 0.00236
Exploits: 0 | References: 4

CVE
added 2024/10/21 8:5 p.m. | 115 views

CVE-2022-48967

CVE-2022-48967 affects the Linux kernel NFC subsystem (NCI) and stems from a missing bounds check in nci_add_new_protocol, allowing a potential field-spanning write to target->sensf_res under Fortify and triggering an out-of-bounds write. The issue is concrete: a bounds error in net/nfc/nci/nt...

CVSS 7.1 | AI score 6.7 | EPSS 0.00236
Exploits: 0 | References: 8 | Affected Software: 1

OSV
added 2024/10/21 8:5 p.m. | 9 views

CVE-2022-48967 NFC: nci: Bounds check struct nfc_target arrays

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 size 18 This...

CVSS 7.1 | AI score 5.9 | EPSS 0.00236
Exploits: 0 | References: 11

Cvelist
added 2024/10/21 6:54 p.m. | 21 views

CVE-2024-50010 exec: don't WARN for racy path_noexec check

In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two...

EPSS 0.00234
Exploits: 0 | References: 5

CVE
added 2024/10/21 6:54 p.m. | 134 views

CVE-2024-50010

CVE-2024-50010 affects the Linux kernel’s exec path checks. The issue is a race in the path_noexec (and i_mode) checks that led to spurious WARN_ON warnings when noexec is toggled, rather than a real permission failure. The fix removes the redundant path_noexec WARN and updates commentary; no exp...

CVSS 4.7 | AI score 6.7 | EPSS 0.00234
Exploits: 0 | References: 8 | Affected Software: 1

Cvelist
added 2024/10/21 6:1 p.m. | 22 views

CVE-2024-49893 drm/amd/display: Check stream_status before it is used

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used WHAT & HOW dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. This fixes 1 NULL_RETURNS issue reported by Coverity...

EPSS 0.00204
Exploits: 0 | References: 2

Vulnrichment
added 2024/10/21 6:1 p.m. | 20 views

CVE-2024-49878 resource: fix region_intersects() vs add_memory_driver_managed()

In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...

AI score 7.2 | EPSS 0.00298
Exploits: 0 | References: 8

OSV
added 2024/10/21 1:15 p.m. | 10 views

AZL-51126 CVE-2024-47723 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG, there is no check for the case where bmp->db_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...

CVSS 7.1 | AI score 6.6 | EPSS 0.00286
Exploits: 0 | References: 1

Cvelist
added 2024/10/21 12:13 p.m. | 17 views

CVE-2024-47722

...

Exploits: 0

CVE
added 2024/10/21 12:13 p.m. | 42 views

CVE-2024-47722

CVE-2024-47722 entry is rejected/not used and does not represent an active vulnerability.

AI score 6.7
Exploits: 0

CNNVD
added 2024/10/21 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper bounds checking of the ASoC component in the sx control...

CVSS 5.5 | AI score 6.7 | EPSS 0.00234
Exploits: 0 | References: 11

Tenable Nessus
added 2024/10/18 12:0 a.m. | 35 views

AlmaLinux 9 : webkit2gtk3 (ALSA-2024:8180)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8180 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web content m...

CVSS 9.8 | AI score 7.4 | EPSS 0.01135
Exploits: 0 | References: 12

RedHat Linux
added 2024/10/16 1:9 p.m. | 1 view

webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...

CVSS 6.5 | AI score 5.7 | EPSS 0.01135
Exploits: 0 | References: 5

RedHat Linux
added 2024/10/16 1:9 p.m. | 2 views

webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking

A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...

CVSS 5.5 | AI score 5.7 | EPSS 0.00339
Exploits: 0 | References: 5

RedHat Linux
added 2024/10/16 1:9 p.m. | 3 views

webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking

A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...

CVSS 6.5 | AI score 5.7 | EPSS 0.00712
Exploits: 0 | References: 5

Veracode
added 2024/10/16 10:45 a.m. | 9 views

Resources Downloaded Over Insecure Protocol

gradio is vulnerable to Resources Downloaded over Insecure Protocol. The vulnerability is due to the lack of integrity checking on the downloaded FRP client. An attacker can introduce malicious code by modifying the binary without detection if they gain access to the remote URL from which the FRP...

CVSS 7.5 | AI score 7.1 | EPSS 0.00208
Exploits: 0 | References: 3 | Affected Software: 1

AlmaLinux
added 2024/10/16 12:0 a.m. | 43 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash...

CVSS 9.8 | AI score 8.7 | EPSS 0.01135
Exploits: 0 | References: 24

RedhatCVE
added 2024/10/11 4:26 p.m. | 11 views

CVE-2024-47670

In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_xattr_find_entry Add a paranoia check to make sure it doesn't stray beyond valid memory region containing ocfs2 xattr entries when scanning for a match. It will prevent out-of-bound access in case...

CVSS 7.8 | AI score 6.8 | EPSS 0.00239
Exploits: 0 | References: 4