Lucene search
+L

459 matches found

OSV
OSV
added 2024/12/27 3:15 p.m.7 views

AZL-54815 CVE-2024-56647 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

5.5CVSS6.7AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.7 views

AZL-54735 CVE-2024-56647 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

5.5CVSS5.6AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.33 views

UBUNTU-CVE-2024-56647

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

5.5CVSS6.2AI score0.00218EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2024/12/27 3:2 p.m.8 views

CVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bug

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

7.4AI score0.00218EPSS
Exploits0References4
CVE
CVE
added 2024/12/27 3:2 p.m.178 views

CVE-2024-56647

CVE-2024-56647: In the Linux kernel, icmp host relookup can trigger ip_rt_bug when ARP/link conditions and xfrm are involved. The fix skips icmp relookup for locally generated packets (e.g., ICMP errors) to avoid dst->out being ip_rt_bug on loopback and similar scenarios. Reproduced scenario s...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.4 views

vivo Permission manager module 安全漏洞

The vivo Permission manager module is a cell phone permission management module from the Chinese company Vivo. A security vulnerability exists in vivo Permission manager module, which originates from a locally installed application that can bypass permission checking and perform system operations...

7.9CVSS6.7AI score0.00152EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.16 views

Juniper Junos OS Vulnerability (JSA88131)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88131 advisory. - A NULL Pointer Dereference vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C...

6.8CVSS5.9AI score0.00207EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.7 views

Ivanti Velocity License Server 安全漏洞

Ivanti Velocity License Server is an application from Ivanti USA that provides licenses to mobile devices using Velocity or terminal emulation clients. A security vulnerability exists in Ivanti Velocity License Server versions prior to 5.2, which stems from the presence of insecure privileges tha...

7.8CVSS6.3AI score0.00227EPSS
Exploits0References2
ICS
ICS
added 2024/10/08 12:0 a.m.49 views

Siemens Questa and ModelSim

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.3CVSS7.5AI score0.00151EPSS
Exploits0References10
ICS
ICS
added 2024/08/22 6:0 a.m.11 views

Rockwell Automation Emulate3D

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.4 ATTENTION : Exploitable locally Vendor : Rockwell Automation Equipment : Emulate3D Vulnerability : Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

5.4CVSS7.8AI score0.00219EPSS
Exploits0References10
NVD
NVD
added 2024/07/31 8:15 p.m.33 views

CVE-2024-7325

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The...

8.5CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/24 1:52 p.m.34 views

CVE-2024-4748 RCE in Cruddiy

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which...

8.8CVSS0.01115EPSS
Exploits0References3
OSV
OSV
added 2024/06/24 1:52 p.m.21 views

CVE-2024-4748 RCE in Cruddiy

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which...

8.8CVSS5.9AI score0.01115EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/06/13 1:55 p.m.26 views

CVE-2024-22333 IBM Maximo Application Suite information disclosure

IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 279973...

3.3CVSS5.9AI score0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.7 views

IBM Maximo Asset Management and IBM Maximo Application Suite Security Vulnerabilities

IBM Maximo Asset Management and IBM Maximo Application Suite are both products of International Business Machines IBM, U.S.A. IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution. The solution is capable of managing all types of assets, such as...

3.3CVSS6.4AI score0.0018EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2024/06/07 4:26 p.m.27 views

Google will start deleting location history

Google announced that it will reduce the amount of personal data it is storing by automatically deleting old data from "Timeline"—the feature that, previously named "Location History," tracks user routes and trips based on a phone’s location, allowing people to revisit all the places theyve been ...

6.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/06/04 1:22 p.m.3 views

SUSE CVE-2019-11246

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user's machine. If the tar binary in the container is...

6.5CVSS6.7AI score0.03616EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/30 11:45 a.m.18 views

CVE-2022-43841 IBM Aspera Console information disclosure

IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078...

4CVSS5.8AI score0.00158EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/24 7:2 a.m.6 views

WordPress Custom Fonts – Host Your Fonts Locally plugin <= 2.1.4 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by James Myers ConfidenceRemainsHigh in WordPress Plugin Custom Fonts – Host Your Fonts Locally versions = 2.1.4...

6.4CVSS5.7AI score0.00257EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.7 views

PT-2024-17949 · WordPress · Custom Fonts – Host Your Fonts Locally

Name of the Vulnerable Software and Affected Versions: Custom Fonts – Host Your Fonts Locally plugin for WordPress versions up to, and including, 2.1.4 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with author level or...

6.4CVSS6.1AI score0.00257EPSS
Exploits0References3
Rows per page
Query Builder