
SUSE CVE
added 2025/03/07 2:37 a.m. | 1 view

SUSE CVE-2025-21830

In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem e.g. bcachefs might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files...

CVSS 5.5 | AI score 7.7 | EPSS 0.00167
Exploits 0 | References 13

OSV
added 2025/03/06 4:13 p.m. | 8 views

CVE-2024-58078 misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors

In the Linux kernel, the following vulnerability has been resolved: misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors misc_minor_alloc was allocating id using ida for minor only in case of MISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids using ida_free causing a mismatch a...

CVSS 5.5 | AI score 6.1 | EPSS 0.00167
Exploits 0 | References 7

IBM Security Bulletins
added 2025/03/03 8:28 p.m. | 17 views

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.

Summary: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, which is included as part of IBM Tivoli Monitoring (ITM) portal server, have been remediated. Vulnerability Details: CVEID: CVE-2024-45086 DESCRIPTION: IBM WebSphere Application Server is vulnerable to an XML external...

CVSS 5.5 | AI score 6.3 | EPSS 0.0044
Exploits 0 | Affected Software 1

Rosalinux
added 2025/03/01 9:41 p.m. | 8 views

Advisory ROSA-SA-2025-2754

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

CVSS 3.3 | AI score 4.5 | EPSS 0.00228
Exploits 0

Rosalinux
added 2025/03/01 9:32 p.m. | 34 views

Advisory ROSA-SA-2025-2735

Software: cups 2.2.6 OS: ROSA Virtualization 3.0 packageevrstring: cups-2.2.6-60.rv30 CVE-ID: CVE-2023-32360 BDU-ID: 2023-07653 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow a...

CVSS 7.5 | AI score 7.7 | EPSS 0.02421
Exploits 3

Rosalinux
added 2025/03/01 9:21 p.m. | 6 views

Advisory ROSA-SA-2025-2728

Software: opencryptoki 3.21.0 OS: ROSA Virtualization 3.0 packageevrstring: opencryptoki-3.21.0-10.rv30 CVE-ID: CVE-2024-0914 BDU-ID: 2024-02839 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the opencryptoki package is related to the processing of RSA PKCS1 augmented ciphertexts. Exploitation of...

CVSS 5.9 | AI score 6.9 | EPSS 0.00878
Exploits 0

OSV
added 2025/02/27 2:18 a.m. | 11 views

CVE-2025-21762 arp: use RCU protection in arp_xmit()

In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF...

CVSS 7.8 | AI score 6.1 | EPSS 0.00227
Exploits 0 | References 13

OSV
added 2025/02/27 2:7 a.m. | 10 views

CVE-2025-21719 ipmr: do not call mr_mfc_uses_dev() for unres entries

In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif alias to "struct sk_buff_head unresolved", which contain two...

CVSS 7.1 | AI score 6.1 | EPSS 0.00177
Exploits 0 | References 13

OSV
added 2025/02/26 7:0 a.m. | 3 views

DEBIAN-CVE-2022-49115

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak...

CVSS 5.5 | AI score 5.5 | EPSS 0.00257
Exploits 0 | References 1

OSV
added 2025/02/26 6:37 a.m. | 13 views

CVE-2021-47646

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash [1] happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...

CVSS 7.8 | AI score 6.8
Exploits 0 | References 7

CVE
added 2025/02/26 2:24 a.m. | 84 views

CVE-2022-49672

CVE-2022-49672 refers to a race condition in the Linux kernel’s network/tun path: when destroying a tunNAPI object, the NAPI in the tun_file struct can be destroyed before the netdev, requiring explicit deletion of the NAPI. Syzbot observed this race as the queue was detached, enabling a potentia...

CVSS 5.5 | AI score 5.3 | EPSS 0.00268
Exploits 0 | References 6 | Affected Software 1

Debian CVE
added 2025/02/26 2:23 a.m. | 6 views

CVE-2022-49563

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a line...

CVSS 5.5 | AI score 5.8 | EPSS 0.00248
Exploits 0

Cvelist
added 2025/02/26 2:13 a.m. | 21 views

CVE-2022-49542 scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() In an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard lockup call trace hangs the system. Call Trace: _raw_spin_lock_irqsave+0x32/0x40...

EPSS 0.00184
Exploits 0 | References 4

OSV
added 2025/02/26 2:13 a.m. | 10 views

CVE-2022-49508 HID: elan: Fix potential double free in elan_input_configured

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elan_input_configured 'input' is a managed resource allocated with devm_input_allocate_device(), so there is no need to call input_free_device() explicitly or there will be a double free. According to...

CVSS 7.8 | AI score 5.3 | EPSS 0.00282
Exploits 0 | References 10

Vulnrichment
added 2025/02/26 2:13 a.m. | 10 views

CVE-2022-49489 drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init_memtypes+0x40/0xb8...

AI score 7.1 | EPSS 0.00261
Exploits 0 | References 7

OSV
added 2025/02/26 1:56 a.m. | 15 views

CVE-2022-49258 crypto: ccree - Fix use after free in cc_cipher_exit()

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - Fix use after free in cc_cipher_exit() kfree_sensitive(ctx_p->user.key) will free the ctx_p->user.key. But ctx_p->user.key is still used in the next line, which will lead to a use after free. We can call kfree_sensitive() after...

CVSS 7.8 | AI score 5.5 | EPSS 0.00246
Exploits 0 | References 8

OSV
added 2025/02/26 1:56 a.m. | 14 views

CVE-2022-49252 ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long) is 8 compared to enum size which is 4 byt...

CVSS 7.1 | AI score 5.3 | EPSS 0.00246
Exploits 0 | References 7

Debian CVE
added 2025/02/26 1:55 a.m. | 9 views

CVE-2022-49177

In the Linux kernel, the following vulnerability has been resolved: hwrng: cavium - fix NULL but dereferenced coccicheck error Fix following coccicheck warning: ./drivers/char/hwrandom/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but dereferenced...

CVSS 5.5 | AI score 5.5 | EPSS 0.00211
Exploits 0

OSV
added 2025/02/26 1:54 a.m. | 10 views

CVE-2022-49117 mips: ralink: fix a refcount leak in ill_acc_of_setup()

In the Linux kernel, the following vulnerability has been resolved: mips: ralink: fix a refcount leak in ill_acc_of_setup() of_node_put(np) needs to be called when pdev == NULL...

CVSS 5.5 | AI score 4.9 | EPSS 0.00237
Exploits 0 | References 9

CVE
added 2025/02/26 1:54 a.m. | 98 views

CVE-2022-49104

CVE-2022-49104 affects the Linux kernel, specifically the staging/vchiq_core code path. The issue is triggered when find_service_by_handle is given an invalid handle, which can return NULL and lead to a NULL pointer dereference. The description in the provided documents confirms this root cause a...

CVSS 5.5 | AI score 6.5 | EPSS 0.00223
Exploits 0 | References 5 | Affected Software 1