Lucene search
K

101 matches found

RedhatCVE
RedhatCVE
added 2024/04/17 5:54 p.m.34 views

CVE-2024-26907

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

6.7CVSS8.4AI score0.00265EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 a.m.30 views

CVE-2024-26907

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

7.8CVSS6.3AI score0.00265EPSS
Exploits0References22
Vulnrichment
Vulnrichment
added 2024/04/17 10:27 a.m.41 views

CVE-2024-26907 RDMA/mlx5: Fix fortify source warning while accessing Eth segment

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

7.6AI score0.00265EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/04/17 10:27 a.m.42 views

CVE-2024-26907 RDMA/mlx5: Fix fortify source warning while accessing Eth segment

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

7.7AI score0.00265EPSS
Exploits0References6
OSV
OSV
added 2024/04/17 10:27 a.m.6 views

CVE-2024-26907 RDMA/mlx5: Fix fortify source warning while accessing Eth segment

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

7.8CVSS6.2AI score0.00265EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.4 views

SUSE CVE-2012-0864

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS9.3AI score0.02717EPSS
Exploits5References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.5 views

SUSE CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

6.8CVSS8AI score0.03163EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.3 views

SUSE CVE-2012-3405

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS7.1AI score0.02087EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/05 12:0 a.m.6 views

PT-2024-11832 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a lack of bounds checking in the nci add new protocol function, which can lead to a field-spanning write. This was detected by syzkaller while running under...

9.1CVSS6.6AI score0.03702EPSS
Exploits13References1851
Positive Technologies
Positive Technologies
added 2022/02/24 12:0 a.m.5 views

PT-2025-13285 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue involved the use of a flexible array in the ovl component, which required adjustment to avoid false positive run-time...

4.6CVSS5AI score0.00179EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2019/11/14 2:15 a.m.36 views

CVE-2011-1588

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

7.8CVSS7.1AI score0.01074EPSS
Exploits0References1
0day.today
0day.today
added 2015/10/05 12:0 a.m.34 views

OpenSMTPD Remotely triggerable buffer overflow Vulnerability

Exploit for openbsd platform in category remote exploits I'm passing the gauntlet for anyone who wants to analyze this for impact etc. There's a remotely triggerable buffer overflow in OpenBSD's OpenSMTPD -- the latest version, 5.7.2 -- reachable by sending messages with huge header lines. Qualys...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2014/12/09 12:0 a.m.28 views

CVE-2014-8504

Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...

7.5CVSS7.2AI score0.06202EPSS
Exploits1References5
OSV
OSV
added 2014/02/10 6:15 p.m.3 views

DEBIAN-CVE-2012-3405

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS7.1AI score0.02087EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2012/08/23 2:17 p.m.6 views

glibc: incorrect size calculation in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service stack...

5CVSS6AI score0.02225EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/08/23 2:17 p.m.7 views

glibc: incorrect use of extend_alloca() in formatted printing can lead to FORTIFY_SOURCE format string protection bypass

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS6AI score0.02087EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/04/30 5:7 p.m.18 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2012/03/19 9:57 p.m.4 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2012/03/15 4:30 p.m.8 views

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS7.5AI score0.02717EPSS
Exploits5References4
UbuntuCve
UbuntuCve
added 2010/03/03 12:0 a.m.28 views

CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

6.9CVSS5.9AI score0.0032EPSS
Exploits0References2
Rows per page
Query Builder