Lucene search

6512 matches found

Amazon · added 2024/04/17 12:0 a.m. · 4 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr...

CVSS 9.8 · AI score 6.7 · EPSS 0.00828
Exploits: 0

CNNVD · added 2024/04/17 12:0 a.m. · 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack map overflow...

CVSS 7.8 · AI score 6.7 · EPSS 0.00251
Exploits: 0 · References: 12

CNNVD · added 2024/04/17 12:0 a.m. · 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an update to cpu_sibling_map on a non-boot CPU...

CVSS 5.5 · AI score 4.6 · EPSS 0.00222
Exploits: 0 · References: 6

Positive Technologies · added 2024/04/17 12:0 a.m. · 4 views

PT-2024-21526 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc5+ Description: The issue is related to the LoongArch architecture in the Linux kernel. When disabling non-boot CPUs, the cpu sibling map is not updated correctly, leading to errors on SMT systems, such ...

CVSS 5.5 · AI score 6.7 · EPSS 0.00222
Exploits: 0 · References: 16

Positive Technologies · added 2024/04/17 12:0 a.m. · 11 views

PT-2024-26837

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a missing lock in the hugetlb code, which can be triggered in a userfault context. This occurs when two threads modify the resv map together, going into an...

CVSS 5.5 · AI score 5.4 · EPSS 0.00225
Exploits: 0

Positive Technologies · added 2024/04/17 12:0 a.m. · 3 views

PT-2024-40694 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several functions: cli_html_normalise, html_normalise_map, and cli_scanhtm...

AI score 6.9
Exploits: 0 · References: 2

SUSE CVE · added 2024/04/15 11:12 p.m. · 4 views

SUSE CVE-2024-26787

In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning. Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST, overlapping mappings aren't supported WARNIN...

CVSS 5.5 · AI score 6.3 · EPSS 0.00226
Exploits: 0 · References: 6

OSV · added 2024/04/12 4:15 p.m. · 4 views

CVE-2024-30382

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial o...

CVSS 8.7 · AI score 5.8 · EPSS 0.0071
Exploits: 0 · References: 2

SUSE CVE · added 2024/04/11 2:30 a.m. · 2 views

SUSE CVE-2024-26816

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section. When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting th...

CVSS 5.5 · AI score 6.1 · EPSS 0.00307
Exploits: 0 · References: 23

OSV · added 2024/04/10 2:15 p.m. · 6 views

DEBIAN-CVE-2024-26816

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section. When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting th...

CVSS 5.5 · AI score 5.6 · EPSS 0.00307
Exploits: 0 · References: 1

SUSE CVE · added 2024/04/10 2:16 a.m. · 3 views

SUSE CVE-2024-26726

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error. While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start != EXTENT_MAP_HOLE, in...

CVSS 5.5 · AI score 6.9 · EPSS 0.00256
Exploits: 0 · References: 10

OSV · added 2024/04/09 7:15 p.m. · 5 views

CVE-2024-2226

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This...

CVSS 5.4 · AI score 5.9 · EPSS 0.00358
Exploits: 0 · References: 2

NVD · added 2024/04/09 7:15 p.m. · 14 views

CVE-2024-2226

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This...

CVSS 6.4 · AI score 5.7 · EPSS 0.00358
Exploits: 0 · References: 2

NVD · added 2024/04/09 7:15 p.m. · 26 views

CVE-2023-6777

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 9.0.34 due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's...

CVSS 6.5 · AI score 5.2 · EPSS 0.00795
Exploits: 0 · References: 2

Cvelist · added 2024/04/09 6:58 p.m. · 25 views

CVE-2024-2226 Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This...

CVSS 6.4 · AI score 5.8 · EPSS 0.00358
Exploits: 0 · References: 2

CNNVD · added 2024/04/09 12:0 a.m. · 3 views

WordPress Plugin Otter Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVSS 6.4 · AI score 7.7 · EPSS 0.00358
Exploits: 0 · References: 3

Positive Technologies · added 2024/04/09 12:0 a.m. · 7 views

PT-2024-19293 · WordPress · The Otter Blocks – Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress versions up to, and including, 2.6.4 Description: The issue is related to Stored Cross-Site Scripting via the id parameter in the "google-map"...

CVSS 6.4 · AI score 8 · EPSS 0.00358
Exploits: 0 · References: 5

SUSE CVE · added 2024/04/06 1:59 a.m. · 4 views

SUSE CVE-2024-26664

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access. Fix a bug that pdata->cpu_map is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package...

CVSS 5.5 · AI score 6.4 · EPSS 0.00248
Exploits: 0 · References: 10

OSV · added 2024/04/04 7:41 p.m. · 8 views

CVE-2024-30255 HTTP/2: CPU exhaustion due to CONTINUATION frame flood

Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of...

CVSS 5.3 · AI score 6.8 · EPSS 0.8781
Exploits: 1 · References: 6

CVE · added 2024/04/04 5:55 p.m. · 86 views

CVE-2024-25700

The CVE concerns Esri Portal for ArcGIS Enterprise Web App Builder (versions 11.1 and below). A stored Cross-site Scripting (XSS) condition can arise when an attacker with high privileges creates a crafted link stored in a web map; when clicked, it could execute arbitrary JavaScript in the victim...

CVSS 4.8 · AI score 5.6 · EPSS 0.00373
Exploits: 0 · References: 1