40446 matches found

OSV
added 2025/06/18 11:15 a.m., 4 views

UBUNTU-CVE-2022-50206

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insn_emulation sysctls. emulation_proc_handler() changes table->data for proc_dointvec_minmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

5.5 CVSS, 6 AI score, 0.00198 EPSS
Exploits: 0, References: 10
OSV
added 2025/06/18 11:15 a.m., 2 views

UBUNTU-CVE-2022-49992

In the Linux kernel, the following vulnerability has been resolved: mm/mprotect: only reference swap pfn page if type match. Yu Zhao reported a bug after the commit "mm/swap: Add swp_offset_pfn() to fetch PFN from swap entry" added a check in swp_offset_pfn() for swap type 1: kernel BUG at...

5.5 CVSS, 5.7 AI score, 0.00175 EPSS
Exploits: 0, References: 4
OSV
added 2025/06/18 11:3 a.m., 6 views

CVE-2022-50218 iio: light: isl29028: Fix the warning in isl29028_remove()

In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove(). The driver uses the non-managed form of the register function in isl29028_remove(). To keep the release order as mirroring the ordering in probe, the driver should use non-manag...

5.5 CVSS, 6 AI score, 0.0019 EPSS
Exploits: 0, References: 11
CVE
added 2025/06/18 11:3 a.m., 72 views

CVE-2022-50218

The CVE-2022-50218 entry describes a Linux kernel vulnerability in the iio: light: isl29028 driver where isl29028_remove() used a non-managed register function, breaking the release order relative to probe and causing a fault trace (null pointer dereference and a general protection fault) during ...

5.5 CVSS, 6.6 AI score, 0.0019 EPSS
Exploits: 0, References: 8, Affected Software: 1
OSV
added 2025/06/18 11:1 a.m., 10 views

CVE-2022-50014 mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW. Ever since the Dirty COW CVE-2016-5195 security issue happened, we know that FOLL_FORCE can be possibly dangerous, especially if there are races that can be exploited by...

7 CVSS, 6.7 AI score, 0.00142 EPSS
Exploits: 0, References: 5
CVE
added 2025/06/18 11:0 a.m., 22 views

CVE-2022-49992

This CVE (CVE-2022-49992) concerns the Linux kernel, where a swap-entry PFN fetch path could be misapplied during mprotect changes. Root cause: in swp_offset_pfn(), a check for swap type allowed pfn_swap_entry_to_page() to be invoked for non-write-migration entries, triggering kernel BUG at inclu...

5.5 CVSS, 6.4 AI score, 0.00175 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2025/06/18 11:0 a.m., 7 views

CVE-2022-49992 mm/mprotect: only reference swap pfn page if type match

In the Linux kernel, the following vulnerability has been resolved: mm/mprotect: only reference swap pfn page if type match. Yu Zhao reported a bug after the commit "mm/swap: Add swp_offset_pfn() to fetch PFN from swap entry" added a check in swp_offset_pfn() for swap type 1: kernel BUG at...

0.00175 EPSS
Exploits: 0, References: 2
Debian CVE
added 2025/06/18 11:0 a.m., 5 views

CVE-2022-49992

In the Linux kernel, the following vulnerability has been resolved: mm/mprotect: only reference swap pfn page if type match. Yu Zhao reported a bug after the commit "mm/swap: Add swp_offset_pfn() to fetch PFN from swap entry" added a check in swp_offset_pfn() for swap type 1: kernel BUG at...

5.5 CVSS, 5.4 AI score, 0.00175 EPSS
Exploits: 0
NVD
added 2025/06/18 10:15 a.m., 8 views

CVE-2025-38074

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex. The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread / QEMU-thread: vhost_scsi_complete_cmd_work() -> vhost_add_used() -> vhost_add_used_n() if...

5.5 CVSS, 0.00161 EPSS
Exploits: 0, References: 9
OSV
added 2025/06/18 10:15 a.m., 4 views

UBUNTU-CVE-2025-38074

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex. The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread / QEMU-thread: vhost_scsi_complete_cmd_work() -> vhost_add_used() -> vhost_add_used_n() if...

5.5 CVSS, 6.1 AI score, 0.00161 EPSS
Exploits: 0, References: 39
Cvelist
added 2025/06/18 9:33 a.m., 6 views

CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex. The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread / QEMU-thread: vhost_scsi_complete_cmd_work() -> vhost_add_used() -> vhost_add_used_n() if...

0.00161 EPSS
Exploits: 0, References: 7
OSV
added 2025/06/18 9:33 a.m., 4 views

CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex. The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread / QEMU-thread: vhost_scsi_complete_cmd_work() -> vhost_add_used() -> vhost_add_used_n() if...

5.5 CVSS, 6 AI score, 0.00161 EPSS
Exploits: 0, References: 12
Packet Storm News
added 2025/06/18 12:0 a.m., 4 views

Rubber Mallet: a Study of High Frequency Localized Bit Flips and Their Impact on Security

The increasing density of modern DRAM has heightened its vulnerability to Rowhammer attacks, which induce bit flips by repeatedly accessing specific memory rows. This paper presents an analysis of bit flip patterns generated by advanced Rowhammer techniques that bypass existing hardware defenses...

7.6 AI score
Exploits: 0
Positive Technologies
added 2025/06/18 12:0 a.m., 5 views

PT-2025-25795

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version. Description: A vulnerability in the Linux kernel has been resolved. The issue is related to MACsec offload for uplink representor profiles. MACsec offload is not supported in switchdev mode for...

5.5 CVSS, 6.5 AI score, 0.00156 EPSS
Exploits: 0
Positive Technologies
added 2025/06/18 12:0 a.m., 3 views

PT-2025-25797

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A use-after-free issue has been identified in the Linux kernel, specifically in the RDMA/core component. The problem arises when the function ib_device_rename() renames a device name with...

7.8 CVSS, 6.5 AI score, 0.00161 EPSS
Exploits: 0
CNNVD
added 2025/06/18 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inadequate RCU protection and could lead to read after release...

4.7 CVSS, 7.9 AI score, 0.001 EPSS
Exploits: 0, References: 3
Trellix
added 2025/06/18 12:0 a.m., 34 views

Hidden Malware Discovered in jQuery Migrate: A Stealthy Supply Chain Threat

By Trellix · June 18, 2025. This blog was also written by Trishaan Kalra. Introduction: What happens when a trusted open source library becomes a conduit for stealthy malware delivery? That question became reality when the...

5.9 AI score
Exploits: 0
Positive Technologies
added 2025/06/18 12:0 a.m., 6 views

PT-2025-26144 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, related to the iio light driver isl29028. The issue arises from the use of the non-managed form of the register function in...

7.8 CVSS, 5.8 AI score, 0.12746 EPSS
Exploits: 16, References: 588
BDU FSTEC
added 2025/06/18 12:0 a.m., 6 views

The vulnerability of the DHCP Server Service for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the DHCP Server Service for Windows operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.8 CVSS, 5.5 AI score, 0.0152 EPSS
Exploits: 0, References: 2
BDU FSTEC
added 2025/06/18 12:0 a.m., 5 views

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize special elements used within the operating system, allowing attackers to execute arbitrary SQL queries.

The vulnerability of the Chamilo LMS, a system for electronic teaching and content management, lies in the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary SQL...

8.7 CVSS, 6 AI score, 0.02603 EPSS
Exploits: 1, References: 4, Affected Software: 1