
6512 matches found

OSV
added 2024/02/22 5:15 p.m. · 1 views

UBUNTU-CVE-2023-52446

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btf_put() and map_free(). When running ./test_progs -j in my local vm with latest kernel, I once hit a kasan error like below: [ 1887.184724] BUG: KASAN: slab-use-after-free in bpf_rb_root_free+0x1f8/0x2b0...

CVSS 7.8 · AI score 6 · EPSS 0.00226
Exploits 0 · References 13
Cvelist
added 2024/02/22 4:21 p.m. · 28 views

CVE-2023-52447 bpf: Defer the free of inner map when necessary

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the...

AI score 7.7 · EPSS 0.00248
Exploits 0 · References 6
CVE
added 2024/02/22 4:21 p.m. · 316 views

CVE-2023-52447

CVE-2023-52447 is a Linux kernel issue where deferral of freeing inner BPF maps could lead to use-after-free if an inner map is accessed after removal from the outer map. The fix defers the inner-map free via bpf_map_free_deferred() and enforces two RCUs (RCU grace period and task-RCU grace perio...

CVSS 6.7 · AI score 7.2 · EPSS 0.00248
Exploits 0 · References 8 · Affected Software 1
Vulnrichment
added 2024/02/22 4:21 p.m. · 23 views

CVE-2023-52447 bpf: Defer the free of inner map when necessary

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the...

AI score 6.9 · EPSS 0.00248
Exploits 0 · References 6
Debian CVE
added 2024/02/22 4:21 p.m. · 28 views

CVE-2023-52447

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the...

CVSS 6.7 · AI score 7.2 · EPSS 0.00248
Exploits 0
OSV
added 2024/02/22 4:21 p.m. · 10 views

CVE-2023-52447 bpf: Defer the free of inner map when necessary

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the...

CVSS 6.7 · AI score 6.1 · EPSS 0.00248
Exploits 0 · References 10
CNNVD
added 2024/02/22 12:0 a.m. · 2 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btf_put and map_free...

CVSS 7.8 · AI score 8 · EPSS 0.00226
Exploits 0 · References 5
UbuntuCve
added 2024/02/22 12:0 a.m. · 40 views

CVE-2023-52447

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the...

CVSS 6.7 · AI score 6.3 · EPSS 0.00248
Exploits 0 · References 24
Positive Technologies
added 2024/02/20 12:0 a.m. · 6 views

PT-2024-17942 · WordPress · The Directorist: Ai-Powered Wordpress Business Directory Plugin With Classified Ads Listings

Name of the Vulnerable Software and Affected Versions: The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress versions up to, and including, 7.8.4 Description: The issue allows unauthorized modification of data due to a missing capability check on...

CVSS 5.3 · AI score 6.1 · EPSS 0.00524
Exploits 0 · References 7
Positive Technologies
added 2024/02/20 12:0 a.m. · 6 views

PT-2024-9841 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential buffer overflow in the map hw resources function. The function was accessing arrays using an index that could potentially be greater than the size o...

CVSS 7.8 · AI score 7 · EPSS 0.00249
Exploits 0 · References 14
Amazon
added 2024/02/19 12:0 a.m. · 4 views

Important: kernel

Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service (DoS) of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...

CVSS 7.8 · AI score 6.6 · EPSS 0.01177
Exploits 0
Amazon
added 2024/02/19 12:0 a.m. · 12 views

Important: kernel

Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service (DoS) of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...

CVSS 7.8 · AI score 8.1 · EPSS 0.01177
Exploits 0
Positive Technologies
added 2024/02/15 12:0 a.m. · 9 views

PT-2024-7282

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.18.0-372.88.1.el8 6 smartpqi test.x86 64 Description: The vulnerability is related to a blk-mq registration issue in the Linux kernel's scsi: smartpqi driver. When the default PCI IRQ AFFINITY flag is turned...

CVSS 7.8 · AI score 5.5 · EPSS 0.00245
Exploits 0
OSV
added 2024/02/12 4:15 p.m. · 3 views

CVE-2024-0420

The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 5.8 · EPSS 0.00462
Exploits 2 · References 1
RedHat Linux
added 2024/02/12 10:38 a.m. · 2 views

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

CVSS 8.8 · AI score 6.1 · EPSS 0.00585
Exploits 0 · References 5
RedHat Linux
added 2024/02/12 10:27 a.m. · 5 views

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

CVSS 8.8 · AI score 6.1 · EPSS 0.00585
Exploits 0 · References 5
RedHat Linux
added 2024/02/12 10:26 a.m. · 3 views

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

CVSS 8.8 · AI score 6.1 · EPSS 0.00585
Exploits 0 · References 5
SUSE CVE
added 2024/02/11 3:54 a.m. · 4 views

SUSE CVE-2024-24820

Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring...

CVSS 8.3 · AI score 6.2 · EPSS 0.00398
Exploits 1 · References 3
OSV
added 2024/02/09 12:15 a.m. · 4 views

DEBIAN-CVE-2024-24820

Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring...

CVSS 8.3 · AI score 7.2 · EPSS 0.00398
Exploits 1 · References 1
OSV
added 2024/02/09 12:15 a.m. · 5 views

UBUNTU-CVE-2024-24820

Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring...

CVSS 8.3 · AI score 5.2 · EPSS 0.00398
Exploits 1 · References 3