Lucene search
K

9100 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

3.3CVSS7.9AI score0.01073EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.4 views

SUSE CVE-2022-36086

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

9.8CVSS6.9AI score0.00727EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.5 views

SUSE CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References5
OSV
OSV
added 2023/02/13 5:30 p.m.10 views

GSD-2023-1001979 wifi: mac80211: fix initialization of rx->link and rx->link_sta

wifi: mac80211: fix initialization of rx-link and rx-linksta This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.2 views

PT-2023-35055 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue concerns the initialization of rx-link and rx-link sta in the mac80211 component of the wifi module. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/13 12:0 a.m.2 views

PT-2023-34925 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue is related to the initialization of locks in the f2fs fill super function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
Veracode
Veracode
added 2023/02/11 9:36 a.m.44 views

NULL Pointer Dereference

openssl is vulnerable to null point dereference. The vulnerability exists because there is a missing check for the return value from the initialization function which later leads to invalid usage of the digest api most likely leading to a crash...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References7Affected Software3
Ubuntu
Ubuntu
added 2023/02/09 9:46 p.m.73 views

USN-5859-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.2AI score0.01944EPSS
Exploits5
OSV
OSV
added 2023/02/09 9:46 p.m.7 views

USN-5859-1 linux-oem-5.14 vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS6.9AI score0.01944EPSS
Exploits5References5
BDU FSTEC
BDU FSTEC
added 2023/02/09 12:0 a.m.6 views

The vulnerability of the pesign demon in the system initialization and service management subsystem of systemd allows a malicious actor to escalate their privileges.

The vulnerability of the pesign demon in the system initialization and service management subsystem of systemd relates to the possibility of bypassing paths. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2023/02/08 8:15 p.m.4 views

ALPINE-CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS6.7AI score0.01846EPSS
Exploits0References1
OSV
OSV
added 2023/02/08 8:15 p.m.1 views

DEBIAN-CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/02/08 7:0 p.m.50 views

CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7.9AI score0.01846EPSS
Exploits0
OSV
OSV
added 2023/02/07 12:0 p.m.26 views

RUSTSEC-2023-0013 `NULL` dereference during PKCS7 data verification

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7.7AI score0.01846EPSS
Exploits0References3
OSV
OSV
added 2023/02/07 12:0 a.m.9 views

UBUNTU-CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS6.8AI score0.01846EPSS
Exploits0References5
Veracode
Veracode
added 2023/02/03 11:1 p.m.37 views

Use-After-Free

openssl is vulnerable to Use-After-Free. The vulnerability exists because there is a missing check for the return value from the initialization function which allows an attacker to cause an application crash...

5.5CVSS6.5AI score0.00282EPSS
Exploits0References12Affected Software2
OSV
OSV
added 2023/01/31 3:41 p.m.13 views

GSD-2023-1001685 wifi: mac80211: fix initialization of rx->link and rx->link_sta

wifi: mac80211: fix initialization of rx-link and rx-linksta This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.3 views

PT-2023-34864 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: A NULL-deref issue was discovered in the init error path of the EFI module. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.4 views

PT-2025-53057

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the MediaTek mtk-svs driver. Specifically, if the system boots without a full reset such as via kexec, a peripheral might trigger an interrup...

4.3CVSS6.2AI score0.00198EPSS
Exploits0References19
GithubExploit
GithubExploit
added 2023/01/24 8:44 a.m.430 views

Exploit for Improper Initialization in Linux Linux_Kernel

DIRTY PIPE CVE-2022-0847 This is a kernel vulnerability th...

7.8CVSS7.6AI score0.88106EPSS
Exploits100
Rows per page
Query Builder