Lucene search
K

196 matches found

osv
osv
added 2024/05/22 12:0 p.m.19 views

RUSTSEC-2024-0351 Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS5.5AI score0.00448EPSS
Exploits0References5
osv
osv
added 2024/05/22 12:0 p.m.23 views

RUSTSEC-2024-0353 Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS5.5AI score0.00448EPSS
Exploits0References5
rustsec
rustsec
added 2024/05/22 12:0 p.m.6 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
rustsec
rustsec
added 2024/05/22 12:0 p.m.6 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
ptsecurity
ptsecurity
added 2024/05/22 12:0 a.m.4 views

PT-2024-4191 · Gitoxide · Gitoxide

Name of the Vulnerable Software and Affected Versions: gitoxide affected versions not specified Description: The issue is related to how gitoxide handles legacy device names on Windows. When fetching refs or checking out paths that clash with these names, it can read from or write to devices,...

6.4CVSS6.7AI score0.00448EPSS
Exploits0References16
vulnrichment
vulnrichment
added 2024/03/26 3:17 p.m.28 views

CVE-2024-26644 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted error -2 WARNIN...

6.5AI score0.0023EPSS
Exploits0References7
nvd
nvd
added 2024/03/15 9:15 p.m.15 views

CVE-2021-47124

In the Linux kernel, the following vulnerability has been resolved: iouring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: refcountsubandtest...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References5
cvelist
cvelist
added 2024/03/15 8:14 p.m.30 views

CVE-2021-47124 io_uring: fix link timeout refs

In the Linux kernel, the following vulnerability has been resolved: iouring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: refcountsubandtest...

6.7AI score0.00232EPSS
Exploits0References5
osv
osv
added 2024/03/06 12:15 a.m.3 views

DEBIAN-CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

7.8CVSS6AI score0.00267EPSS
Exploits0References1
nvd
nvd
added 2024/03/06 12:15 a.m.28 views

CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

8.4CVSS9.4AI score0.00267EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2024/03/06 12:15 a.m.36 views

CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

8.4CVSS6.2AI score0.00267EPSS
Exploits0References3
osv
osv
added 2024/03/06 12:15 a.m.3 views

UBUNTU-CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

8.4CVSS6.1AI score0.00267EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/03/05 12:0 a.m.5 views

eza Security breaches

eza is eza open source a modern maintenance replacement for the venerable file-listing command-line program ls that comes with Unix and Linux operating systems. A security vulnerability exists in eza versions prior to 0.18.2, which stems from a buffer overflow vulnerability that can be exploited ...

8.4CVSS8AI score0.00267EPSS
Exploits0References2
cvelist
cvelist
added 2024/03/05 12:0 a.m.31 views

CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

9.6AI score0.00267EPSS
Exploits0References2
cve
cve
added 2024/03/05 12:0 a.m.71 views

CVE-2024-25817

Affected software: eza (before v0.18.2). Root cause / vulnerability: Buffer overflow allowing local attackers to execute arbitrary code through .git/HEAD, .git/refs, and .git/objects components.** Impact:** Local code execution with high impact as described in multiple advisories. References from...

8.4CVSS7.5AI score0.00267EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2024/03/05 12:0 a.m.20 views

CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

7.6AI score0.00267EPSS
Exploits0References2
debiancve
debiancve
added 2024/03/05 12:0 a.m.22 views

CVE-2024-25817

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components...

8.4CVSS9.4AI score0.00267EPSS
Exploits0
osv
osv
added 2024/02/28 9:15 a.m.2 views

UBUNTU-CVE-2021-46981

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

5.5CVSS6.1AI score0.0025EPSS
Exploits0References12
redhat
redhat
added 2023/11/08 3:38 p.m.4 views

mariadb: Crash in get_sort_by_table() in subquery with ORDER BY having outer ref

getsortbytable in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY...

5.5CVSS7.4AI score0.00393EPSS
Exploits1References4
prion
prion
added 2023/10/10 6:15 p.m.22 views

Privilege escalation

Microsoft Resilient File System ReFS Elevation of Privilege Vulnerability...

4.3CVSS8.4AI score0.0068EPSS
Exploits0References1Affected Software8
Rows per page
Query Builder