715 matches found

Positive Technologies
added 2024/03/15 12:0 a.m. · 4 views

PT-2024-15180 · Unknown · Sciener Locks

Name of the Vulnerable Software and Affected Versions: Sciener locks (affected versions not specified). Description: The firmware update mechanism of the locks does not authenticate or validate firmware updates when they are passed through the Bluetooth Low Energy service. An attacker can send a...

CVSS 9.8 · AI score 7.1 · EPSS 0.00292
Exploits 0 · References 7
Positive Technologies
added 2024/03/15 12:0 a.m. · 5 views

PT-2024-15176 · Unknown · Sciener-Based Locks

Name of the Vulnerable Software and Affected Versions: Sciener-based locks (affected versions not specified). Description: The issue allows unencrypted malicious commands to be passed to the lock over Bluetooth Low Energy, as some Sciener-based locks support plaintext message processing. These...

CVSS 8.2 · AI score 7.1 · EPSS 0.00248
Exploits 0 · References 6
CNNVD
added 2024/03/15 12:0 a.m. · 3 views

Sciener-based locks Security Vulnerabilities

Sciener is a smart lock firmware from Sciener. A security vulnerability exists in Sciener-based locks that stems from support for plaintext message processing, allowing an attacker to pass unencrypted malicious commands to the lock...

CVSS 8.2 · AI score 6.9 · EPSS 0.00248
Exploits 0 · References 2
CNNVD
added 2024/03/15 12:0 a.m. · 4 views

Sciener locks firmware security vulnerability

Sciener is a smart lock firmware from Sciener. A security vulnerability exists in the Sciener locks firmware, which stems from the fact that the firmware update mechanism does not validate the firmware update request if the firmware update is passed to the lock via the Bluetooth Low Energy servic...

CVSS 9.8 · AI score 6.8 · EPSS 0.00292
Exploits 0 · References 2
OSV
added 2024/03/13 2:15 p.m. · 4 views

UBUNTU-CVE-2024-26629

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER. The test on so_count in nfsd4_release_lockowner is nonsense and harmful. Revert to using check_for_locks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

CVSS 5.5 · AI score 6.1 · EPSS 0.00195
Exploits 0 · References 23
Debian CVE
added 2024/03/13 2:1 p.m. · 78 views

CVE-2024-26629

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER. The test on so_count in nfsd4_release_lockowner is nonsense and harmful. Revert to using check_for_locks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

CVSS 5.5 · AI score 7.3 · EPSS 0.00195
Exploits 0
RedHat Linux
added 2024/03/13 9:11 a.m. · 3 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

CVSS 5.5 · AI score 6.8 · EPSS 0.00275
Exploits 0 · References 6
SUSE CVE
added 2024/03/13 4:22 a.m. · 3 views

SUSE CVE-2024-26614

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once. When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

CVSS 5.9 · AI score 6.3 · EPSS 0.00173
Exploits 0 · References 25
RedHat Linux
added 2024/03/13 12:29 a.m. · 1 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

CVSS 5.5 · AI score 6.8 · EPSS 0.00275
Exploits 0 · References 6
RedHat Linux
added 2024/03/13 12:17 a.m. · 29 views

Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

CVSS 5.5 · AI score 6.7 · EPSS 0.00275
Exploits 0 · References 2
RedHat Linux
added 2024/03/13 12:17 a.m. · 5 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

CVSS 5.5 · AI score 6.8 · EPSS 0.00275
Exploits 0 · References 6
Tenable Nessus
added 2024/03/13 12:0 a.m. · 31 views

RHEL 9 : kernel-rt (RHSA-2024:1303)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1303 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...

CVSS 5.5 · AI score 6.7 · EPSS 0.00275
Exploits 0 · References 5
RedHat Linux
added 2024/03/12 12:48 a.m. · 1 views

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks...

CVSS 5.5 · AI score 6.8 · EPSS 0.00275
Exploits 0 · References 6
Positive Technologies
added 2024/03/07 12:0 a.m. · 5 views

PT-2024-15171 · Kontrol +2 · Kontrol +3

Name of the Vulnerable Software and Affected Versions: Sciener firmware (affected versions not specified). Description: The issue concerns the use of a non-unique AES key in the pairing process between locks using Sciener firmware and wireless keypads. This key can be reused, potentially compromisin...

CVSS 6.8 · AI score 7 · EPSS 0.0028
Exploits 0 · References 6
Positive Technologies
added 2024/03/07 12:0 a.m. · 4 views

PT-2024-15174 · Kontrol +2 · Kontrol +3

Name of the Vulnerable Software and Affected Versions: Sciener firmware (affected versions not specified). Description: The issue concerns the unlockKey character in locks using Sciener firmware, which can be compromised through brute force attacks by sending repeated challenge requests. This affect...

CVSS 9.1 · AI score 7 · EPSS 0.00503
Exploits 0 · References 6
CERT
added 2024/03/07 12:0 a.m. · 61 views

Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks

Overview: Sciener is a company that develops software and hardware for electronic locks that are marketed under many different brands. Their hardware works in tandem with an app, called the TTLock app, which is also produced by Sciener. The TTLock app utilizes Bluetooth connections to connect to...

CVSS 9.8 · AI score 7.5 · EPSS 0.00503
Exploits 0 · References 2
SUSE CVE
added 2024/03/02 5:49 a.m. · 5 views

SUSE CVE-2021-46997

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry. Zenghui reports that booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...

CVSS 5.5 · AI score 7.9 · EPSS 0.00246
Exploits 0 · References 3
OSV
added 2024/02/29 11:15 p.m. · 2 views

UBUNTU-CVE-2021-47055

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls. MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...

CVSS 5.5 · AI score 6.2 · EPSS 0.00196
Exploits 0 · References 4
OSV
added 2024/02/29 3:52 p.m. · 5 views

CVE-2023-52493 bus: mhi: host: Drop chan lock before queuing buffers

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers. Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parse_xfer_event such that a callback given to client can potentially queu...

CVSS 5.5 · AI score 5.8 · EPSS 0.00209
Exploits 0 · References 10
Cvelist
added 2024/02/29 3:52 p.m. · 14 views

CVE-2023-52493 bus: mhi: host: Drop chan lock before queuing buffers

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers. Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parse_xfer_event such that a callback given to client can potentially queu...

AI score 7.6 · EPSS 0.00209
Exploits 0 · References 6