Lucene search
+L

297 matches found

OSV
OSV
added 2024/04/30 12:0 a.m.39 views

ALSA-2024:2562 Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: net/http/cookiejar: incorrect...

7.5CVSS8.2AI score0.91969EPSS
Exploits1References16
RedhatCVE
RedhatCVE
added 2024/04/03 12:3 a.m.25 views

CVE-2024-26674

In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to ASMEXTABLEUA for get,putuser fixups During memory error injection test on kernels = v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels = v6.3. mce: Hardware Error: CPU 296...

4.4CVSS7AI score0.00264EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 10:57 a.m.29 views

BIT-GOLANG-2022-41724 Panic on large handshake records in crypto/tls

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session...

7.5CVSS7.6AI score0.01111EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/05 10:22 p.m.31 views

CVE-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

7.6AI score0.00667EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/05 10:22 p.m.15 views

CVE-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

7.1AI score0.00667EPSS
Exploits0References6
NVD
NVD
added 2024/03/04 7:15 p.m.22 views

CVE-2021-47108

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

5.5CVSS7.3AI score0.00196EPSS
Exploits0References2
Prion
Prion
added 2024/03/04 7:15 p.m.13 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

7.3AI score0.00196EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/03/04 7:15 p.m.21 views

CVE-2021-47108

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

5.5CVSS6.2AI score0.00196EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/04 6:15 p.m.16 views

CVE-2021-47108 drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

6.7AI score0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/04 6:15 p.m.36 views

CVE-2021-47108 drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf In commit 41ca9caaae0b "drm/mediatek: hdmi: Add check for CEA modes only" a check for CEA modes was added to function mtkhdmibridgemodevalid in order to address...

7.4AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2024/02/27 7:4 p.m.6 views

DEBIAN-CVE-2021-46948

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX event handling We're starting from a TXQ label, not a TXQ type, so efxchannelgettxqueue is inappropriate and could return NULL, leading to panics...

5.5CVSS4.9AI score0.00222EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/02/27 7:4 p.m.24 views

CVE-2021-46948

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX event handling We're starting from a TXQ label, not a TXQ type, so efxchannelgettxqueue is inappropriate and could return NULL, leading to panics...

5.5CVSS5.7AI score0.00222EPSS
Exploits0References6
Prion
Prion
added 2024/02/27 7:4 p.m.21 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX event handling We're starting from a TXQ label, not a TXQ type, so efxchannelgettxqueue is inappropriate and could return NULL, leading to panics...

7AI score0.00222EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/27 6:40 p.m.22 views

CVE-2021-46949

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX flush done handling We're starting from a TXQ instance number 'qid', not a TXQ type, so efxgettxqueue is inappropriate and could return NULL, leading to panics...

5.5CVSS4.8AI score0.00222EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.6 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a security vulnerability that stems from the fact that the count of page references in use is not optimal, sometimes leading to kernel panics...

5.5CVSS8.1AI score0.00222EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/02/17 6:30 a.m.24 views

Improper Validation of Array Index in github.com/greenpau/caddy-security

All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...

5.3CVSS6.8AI score0.00722EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2024/02/17 5:15 a.m.18 views

Input validation

All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Validation of Array Index when parsing a Caddyfile. Multiple parsing functions in the affected library do not validate whether their input values are nil before attempting to access elements, which can lead ...

5CVSS7.1AI score0.00722EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.32 views

RHCOS 4 : OpenShift Container Platform 4.13.4 (RHSA-2023:3612)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3612 advisory. - golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 - golang.org/x/net/http2: avoid...

9.8CVSS6.9AI score0.05623EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.60 views

Oracle Linux 9 : runc (ELSA-2023-6380)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6380 advisory. - rebuild for following CVEs: CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - runc 1.1.5 resolves CVE-2023-25809 and CVE-2023-27561 Tenable has extracte...

7.8CVSS6.8AI score0.01677EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.42 views

RHEL 9 : containernetworking-plugins (RHSA-2023:6402)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6402 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfac...

9.8CVSS7.1AI score0.04561EPSS
Exploits0References25
Rows per page
Query Builder