Lucene search
K

9099 matches found

RedhatCVE
RedhatCVE
added 2025/05/03 1:39 a.m.19 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

7.3CVSS7.2AI score0.00197EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/03 1:39 a.m.22 views

CVE-2025-46632

Initialization vector IV reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server...

6.5CVSS7AI score0.00266EPSS
Exploits1References1
OSV
OSV
added 2025/05/02 4:15 p.m.2 views

DEBIAN-CVE-2023-53119

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...

5.5CVSS5.5AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 4:15 p.m.7 views

CVE-2023-53101

In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4IOCSWAPBOOT inode will initialize it, including setting the isize to 0. However, if the "never before used"...

5.5CVSS0.00162EPSS
Exploits0References8
NVD
NVD
added 2025/05/02 4:15 p.m.6 views

CVE-2023-53088

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive socket initialization, the mptcp listener shutdown path is prone to an UaF issue. BUG: KASAN: use-after-free in...

7.8CVSS0.00161EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 4:15 p.m.1 views

DEBIAN-CVE-2023-53049

In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is NULL, yet in case of ucsiacpi we may still get events which cause the ucsacpi code to call ucsiconnectorchange, which then derefs the...

5.5CVSS5.5AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 4:15 p.m.6 views

CVE-2022-49932

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

5.5CVSS0.00169EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 4:15 p.m.9 views

AZL-70117 CVE-2022-49932 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

5.5CVSS5.6AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.1 views

UBUNTU-CVE-2023-53119

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...

5.5CVSS6.1AI score0.0016EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.17 views

CVE-2023-53119 nfc: pn533: initialize struct pn533_out_arg properly

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...

0.0016EPSS
Exploits0References8
CVE
CVE
added 2025/05/02 3:55 p.m.86 views

CVE-2023-53119

CVE-2023-53119 : In the Linux kernel, the pn533 NFC driver (pn533_out_arg) uses a temporary context for out_urb that is not fully initialized; the uninitialized field ‘phy’ may be dereferenced in error paths inside pn533_out_complete(), causing a general protection fault and a KASAN null-deref. T...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/05/02 3:55 p.m.7 views

CVE-2023-53115 scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mrinitioc Don't allocate memory again when IOC is being reinitialized...

5.5CVSS5AI score0.00157EPSS
Exploits0References6
CVE
CVE
added 2025/05/02 3:55 p.m.109 views

CVE-2023-53101

CVE-2023-53101 affects the Linux kernel ext4 bootloader inode handling. The issue arises when EXT4_IOC_SWAP_BOOT initializes an inode with a non-zero i_size, causing i_disksize to remain non-zero and creating an i_size vs i_disksize inconsistency that can trigger a kernel warning (as shown in the...

5.5CVSS6.5AI score0.00162EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.27 views

CVE-2023-53088 mptcp: fix UaF in listener shutdown

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive socket initialization, the mptcp listener shutdown path is prone to an UaF issue. BUG: KASAN: use-after-free in...

0.00161EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 3:55 p.m.8 views

CVE-2023-53072 mptcp: use the workqueue to destroy unaccepted sockets

In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...

7.8CVSS5.7AI score0.00161EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/02 3:54 p.m.11 views

CVE-2022-49932 KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

0.00169EPSS
Exploits0References3
CVE
CVE
added 2025/05/02 3:54 p.m.65 views

CVE-2022-49932

CVE-2022-49932 affects the Linux kernel KVM/vMX path where /dev/kvm is exposed before VMX initialization is complete. The EulerOS advisories (EulerOS-SA-2025-2464/2483, EulerOS-SA-2025-2436/2447) flag this issue as part of kernel fixes and describe the root cause as incomplete initialization prio...

5.5CVSS6.2AI score0.00169EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/02 3:54 p.m.7 views

CVE-2022-49932 KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

5.5CVSS4.9AI score0.00169EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.1 views

SUSE CVE-2025-23160

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization On Mediatek devices with a system companion processor SCP the mtkscp structure has to be removed explicitly to avoid a resource leak. Fre...

5.5CVSS7.6AI score0.00161EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.3 views

SUSE CVE-2025-37748

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer deference in mtkiommudevicegroup Currently, mtkiommu calls during probe iommudeviceregister before the hwlist from driver data is initialized. Since iommu probing issue fix, it leads to NULL point...

5.5CVSS7.6AI score0.0015EPSS
Exploits0References16
Rows per page
Query Builder