Lucene search
+L

66 matches found

CNNVD
CNNVD
added 2025/03/27 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from improper cleanup after nvmem kernel devsetname...

5.5CVSS4.5AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2025/02/26 7:0 a.m.6 views

UBUNTU-CVE-2022-49046

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check return value when calling devsetname If devsetname fails, the devname is null, check the return value of devsetname to avoid the null-ptr-deref...

5.5CVSS6.1AI score0.00251EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference due to unchecked devsetname return values...

5.5CVSS6.3AI score0.00251EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.5 views

kernel: ptp: Fix possible memory leak in ptp_clock_register()

In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptpclockregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 size 8: comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 age 13.188s hex...

5.5CVSS6.7AI score0.00237EPSS
Exploits0References5
OSV
OSV
added 2024/05/22 7:15 a.m.3 views

DEBIAN-CVE-2021-47455

In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptpclockregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 size 8: comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 age 13.188s hex...

5.5CVSS5.4AI score0.00237EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/22 7:15 a.m.12 views

CVE-2021-47455

In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptpclockregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 size 8: comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 age 13.188s hex...

5.5CVSS6AI score0.00237EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/02/28 9:15 a.m.4 views

DEBIAN-CVE-2021-46985

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpidevicesetname' fails, we must free 'acpidevicebusid-busid' or there is a potential memory leak...

5.5CVSS5.7AI score0.00249EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in sndac97devregister, it should call putdevice to give up reference, or the name allocated in devsetname is leaked...

5.5CVSS6.6AI score0.00146EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.7 views

kernel: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in sndac97devregister, it should call putdevice to give up reference, or the name allocated in devsetname is leaked...

5.5CVSS6.6AI score0.00146EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/01/01 12:0 a.m.7 views

PT-2025-7974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified where the dev set name function's return value is not properly checked. If dev set name fails, dev name may return null, potential...

5.5CVSS6.1AI score0.00251EPSS
Exploits0
OSV
OSV
added 2021/12/07 10:15 p.m.7 views

CVE-2021-44148

GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/routercgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name...

6.1CVSS6.4AI score0.00648EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/05/10 12:0 a.m.4 views

PT-2024-11092 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak has been identified in the Linux kernel's ACPI scan functionality. The issue arises when the acpi device set name function fails, resulting in a potential memory leak if...

5.5CVSS8.4AI score0.00249EPSS
Exploits0References28
Github Security Blog
Github Security Blog
added 2019/11/12 10:59 p.m.24 views

Magento Cross-Site Scripting via Attribute Set Name

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the attribute set name when listing the products...

5.4CVSS5AI score0.00556EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2019/11/12 10:59 p.m.29 views

GHSA-XV69-F7X5-R4QW Magento Cross-Site Scripting via Attribute Set Name

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the attribute set name when listing the products...

5.4CVSS5.3AI score0.00556EPSS
Exploits0References4
Prion
Prion
added 2019/11/06 1:15 a.m.19 views

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the attribute set name when listing the products...

3.5CVSS5.1AI score0.00556EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/06 12:4 a.m.34 views

CVE-2019-8145

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into the attribute set name when listing the products...

5.4AI score0.00556EPSS
Exploits0References1
Friends Of PHP
Friends Of PHP
added 2019/10/08 12:0 a.m.64 views

PRODSECBUG-2402: Cross-Site Scripting via Attribute Set Name

More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...

5.4CVSS7.2AI score0.00556EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/01/16 6:29 p.m.7 views

UBUNTU-CVE-2019-6460

An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function recfieldsetname in the file rec-field.c in librec.a...

6.5CVSS6.9AI score0.01309EPSS
Exploits1References4
OSV
OSV
added 2019/01/16 6:29 p.m.4 views

DEBIAN-CVE-2019-6460

An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function recfieldsetname in the file rec-field.c in librec.a...

6.5CVSS7.4AI score0.01309EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/01/16 12:0 a.m.4 views

PT-2019-18103 · Gnu +3 · Gnu Recutils +3

Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8 Description: An issue was discovered in GNU Recutils. There is a NULL pointer dereference in the function rec field set name in the file rec-field.c in librec.a. Recommendations: For GNU Recutils version 1.8, consider...

8.8CVSS6.8AI score0.0189EPSS
Exploits13References40
Rows per page
Query Builder