Lucene search
1307 matches found

RedHat Linux
added 2023/05/09 10:4 a.m. · 1 views

kernel: net: stmmac: fix dma queue left shift overflow issue

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTL_RXQ_DMA_MAP1. If CONFIG_UBSAN is enabled, kernel dumps below warning...

7.8 CVSS · 6.3 AI score · 0.00261 EPSS
Exploits 0 · References 5
AlmaLinux
added 2023/05/09 12:0 a.m. · 33 views

Moderate: dhcp security and enhancement update

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

6.5 CVSS · 7 AI score · 0.00664 EPSS
Exploits 0 · References 6
Positive Technologies
added 2023/05/09 12:0 a.m. · 3 views

PT-2025-25909 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.0-rc2-syzkaller-00316-g0457e5153e0e Description: A vulnerability in the Linux kernel has been resolved, related to the udmabuf device. If the DMA mask is not set explicitly, a warning occurs when userspace...

8.8 CVSS · 6 AI score · 0.12746 EPSS
Exploits 32 · References 1123
Positive Technologies
added 2023/05/09 12:0 a.m. · 6 views

PT-2025-26026 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue occurs when a task is descheduling and is requeued on a CPU that is excluded from the cpus mask. This can trigger a...

8.8 CVSS · 5.6 AI score · 0.12746 EPSS
Exploits 32 · References 1109
OSV
added 2023/03/29 7:15 p.m. · 8 views

AZL-25851 CVE-2023-25809 affecting package moby-runc for versions less than 1.1.5-1

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in the following conditions: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3 CVSS · 6.7 AI score · 0.00327 EPSS
Exploits 1 · References 1
RedHat Linux
added 2023/03/27 8:33 a.m. · 2 views

kernel: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from init_fpstate via copy_feature(). But, dynamic states are not present ...

5.5 CVSS · 6.7 AI score · 0.00128 EPSS
Exploits 0 · References 5
Code423n4
added 2023/03/19 12:0 a.m. · 11 views

DefaultAccount will add system call flag to any call with msg.value

Lines of code Vulnerability details Impact As mentioned in the repo's README.md documentation: isSystem flag. Whether the call intends a system contracts' function. While most of the system contracts' functions are relatively harmless, accessing some with calldata only may break the invariants of...

6.8 AI score
Exploits 0
Positive Technologies
added 2023/03/03 12:0 a.m. · 3 views

PT-2023-21154 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: wasmtime versions prior to 4.0.1, wasmtime versions prior to 5.0.1, wasmtime versions prior to 6.0.1 Description: The code generation backend, Cranelift, has a bug on x86_64 platforms for the WebAssembly i8x16.select instruction which will...

4.3 CVSS · 4.5 AI score · 0.00624 EPSS
Exploits 0 · References 14
OSSF Malicious Packages
added 2023/02/25 11:30 p.m. · 2 views

Malicious code in py-maskgrandultra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 53125f2986ff39680623a3497b4220d2750147825e8cbf96a5ff2ef74bf722cc EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7 AI score
Exploits 0 · References 1
F5 Networks
added 2023/02/21 6:29 p.m. · 12 views

K18304067: The BIG-IP ASM system may fail to properly mask the value of a configured sensitive positional parameter that appears in a Referer header

Security Advisory Description The BIG-IP ASM system may fail to properly mask the value of a configured sensitive positional parameter that appears in a Referer header. This issue occurs when all of the following conditions are met: You configure a positional parameter for an Allowed URL in the...

6.7 AI score
Exploits 0
OSSF Malicious Packages
added 2023/02/20 4:22 a.m. · 3 views

Malicious code in jquery-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c2e86401517688fc0bdbd68e989cce56834a9c11090e0a27fd0e0b5cdf9ca2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
OSV
added 2023/02/20 4:22 a.m. · 17 views

MAL-2023-537 Malicious code in jquery-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c2e86401517688fc0bdbd68e989cce56834a9c11090e0a27fd0e0b5cdf9ca2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
SUSE CVE
added 2023/02/15 6:11 a.m. · 3 views

SUSE CVE-2007-3508

Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution...

7.2 CVSS · 8.2 AI score · 0.00454 EPSS
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 6:5 a.m. · 8 views

SUSE CVE-2009-0692

Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option...

10 CVSS · 8.3 AI score · 0.2578 EPSS
Exploits 9 · References 4
SUSE CVE
added 2023/02/15 5:58 a.m. · 3 views

SUSE CVE-2010-2070

arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742...

4.9 CVSS · 6.3 AI score · 0.00381 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 5:45 a.m. · 3 views

SUSE CVE-2012-3966

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a...

10 CVSS · 9.2 AI score · 0.05194 EPSS
Exploits 0 · References 8
SUSE CVE
added 2023/02/15 5:26 a.m. · 3 views

SUSE CVE-2014-7231

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log...

2.1 CVSS · 6.6 AI score · 0.00528 EPSS
Exploits 1 · References 5
SUSE CVE
added 2023/02/15 5:24 a.m. · 1 views

SUSE CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this...

7.5 CVSS · 8.1 AI score · 0.07687 EPSS
Exploits 1 · References 5
SUSE CVE
added 2023/02/15 5:18 a.m. · 2 views

SUSE CVE-2015-4104

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors...

7.8 CVSS · 6.3 AI score · 0.03427 EPSS
Exploits 0 · References 10
SUSE CVE
added 2023/02/15 5:11 a.m. · 2 views

SUSE CVE-2015-8745

QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to a crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS...

5.5 CVSS · 6.8 AI score · 0.00398 EPSS
Exploits 0 · References 14