
554 matches found

UbuntuCve
added 2024/09/04 7:15 p.m. | 12 views

CVE-2024-44966

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmt_flat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...

CVSS 5.5 | AI score 6.4 | EPSS 0.0021
Exploits: 0 | References: 17
OSV
added 2024/09/04 7:15 p.m. | 1 views

UBUNTU-CVE-2024-44966

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmt_flat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...

CVSS 5.5 | AI score 6.5 | EPSS 0.0021
Exploits: 0 | References: 18
Vulnrichment
added 2024/09/04 6:38 p.m. | 12 views

CVE-2024-44966 binfmt_flat: Fix corruption when not offsetting data start

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmt_flat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...

AI score 7.5 | EPSS 0.0021
Exploits: 0 | References: 5
OSV
added 2024/09/04 6:38 p.m. | 13 views

CVE-2024-44966 binfmt_flat: Fix corruption when not offsetting data start

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmt_flat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...

CVSS 5.5 | AI score 6.2 | EPSS 0.0021
Exploits: 0 | References: 9
CVE
added 2024/09/04 6:38 p.m. | 100 views

CVE-2024-44966

CVE-2024-44966 is a Linux kernel vulnerability involving the binfmt_flat helper. A RISC-V specific FLAT format variant reserved no space for the obsolete shared library pointer array, but initialization code was not disabled, causing corruption of sizeof(long) bytes before the DATA segment (end o...

CVSS 5.5 | AI score 6.9 | EPSS 0.0021
Exploits: 0 | References: 6 | Affected Software: 1
CNNVD
added 2024/07/01 12:0 a.m. | 3 views

shared Security Vulnerabilities

shared is an open source library from agreejs. A security vulnerability exists in shared version 0.0.1, which stems from prototype pollution via a function that allows an attacker to execute arbitrary code or cause a denial of service (DoS) by injecting arbitrary attributes...

CVSS 9.8 | AI score 7.7 | EPSS 0.00677
Exploits: 0 | References: 2
OSV
added 2024/05/08 2:15 a.m. | 6 views

AZL-40340 CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-3

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.open_session...

CVSS 8.4 | AI score 5.7 | EPSS 0.00289
Exploits: 1 | References: 1
Fedora
added 2023/12/31 2:27 a.m. | 35 views

[SECURITY] Fedora 39 Update: xerces-c-3.2.5-1.fc39

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

CVSS 8.8 | AI score 7 | EPSS 0.09503
Exploits: 0
Fedora
added 2023/10/23 1:25 a.m. | 34 views

[SECURITY] Fedora 37 Update: mingw-xerces-c-3.2.4-1.fc37

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

CVSS 8.8 | AI score 6.8 | EPSS 0.01381
Exploits: 0
OSV
added 2023/09/16 2:2 p.m. | 12 views

OSV-2023-865 UNKNOWN in WasmEdge::Loader::SharedLibrary::load

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62387 Crash type: UNKNOWN Crash state: WasmEdge::Loader::SharedLibrary::load WasmEdge::Loader::Loader::loadModule WasmEdge::Loader::Loader::parseModule...

AI score 7.2
Exploits: 0 | References: 1
Positive Technologies
added 2023/09/16 12:0 a.m. | 3 views

PT-2023-36016 · Wasmedge · Wasmedge

Name of the Vulnerable Software and Affected Versions: WasmEdge affected versions not specified Description: A crash issue has been identified in WasmEdge. The crash occurs in the WasmEdge::Loader::SharedLibrary::load function, which is called by WasmEdge::Loader::Loader::loadModule and...

AI score 7
Exploits: 0 | References: 2
Packet Storm
added 2023/07/20 12:0 a.m. | 13097 views

OpenSSH Forwarded SSH-Agent Remote Code Execution

Qualys Security Advisory. CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent. Contents: Summary, Background, Experiments, Results...

CVSS 9.8 | AI score 7.1 | EPSS 0.76768
Exploits: 36
ATTACKERKB
added 2023/07/05 8:15 p.m. | 4 views

CVE-2023-27197

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

CVSS 6.7 | AI score 6.7 | EPSS 0.00215
Exploits: 0 | References: 3
NVD
added 2023/07/05 8:15 p.m. | 13 views

CVE-2023-27197

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

CVSS 6.7 | AI score 6.6 | EPSS 0.00215
Exploits: 0 | References: 2
OSV
added 2023/07/05 8:15 p.m. | 6 views

CVE-2023-27197

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

CVSS 6.7 | AI score 5.8 | EPSS 0.00215
Exploits: 0 | References: 2
Prion
added 2023/07/05 8:15 p.m. | 27 views

Authorization

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks...

CVSS 4 | AI score 6.5 | EPSS 0.00212
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2023/07/05 8:15 p.m. | 33 views

Design/Logic Flaw

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

CVSS 4 | AI score 6.6 | EPSS 0.00215
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2023/07/05 12:0 a.m. | 23 views

CVE-2023-27199

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks...

AI score 6.7 | EPSS 0.00212
Exploits: 0 | References: 2
Vulnrichment
added 2023/07/05 12:0 a.m. | 10 views

CVE-2023-27197

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

AI score 7 | EPSS 0.00215
Exploits: 0 | References: 2
Positive Technologies
added 2023/07/05 12:0 a.m. | 5 views

PT-2023-20998 · Pax · Pax A930 +1

Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell...

CVSS 6.7 | AI score 7.1 | EPSS 0.00215
Exploits: 0 | References: 5