Lucene search
K

105 matches found

RedhatCVE
RedhatCVE
added 2024/09/13 10:42 a.m.14 views

CVE-2024-46708

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneus 0x100000 offset to prevent the boards from crashing on pin state setting, as well as for the intended state changes to take effect...

5.5CVSS7AI score0.00187EPSS
Exploits0References4
NVD
NVD
added 2024/09/13 7:15 a.m.33 views

CVE-2024-46708

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneus 0x100000 offset to prevent the boards from crashing on pin state setting, as well as for the intended state changes to take effect...

5.5CVSS0.00187EPSS
Exploits0References2
OSV
OSV
added 2024/09/13 7:15 a.m.7 views

UBUNTU-CVE-2024-46708

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneus 0x100000 offset to prevent the boards from crashing on pin state setting, as well as for the intended state changes to take effect...

5.5CVSS6.5AI score0.00187EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2024/09/13 6:33 a.m.20 views

CVE-2024-46708

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneus 0x100000 offset to prevent the boards from crashing on pin state setting, as well as for the intended state changes to take effect...

5.5CVSS5.6AI score0.00187EPSS
Exploits0
NVD
NVD
added 2024/08/22 2:15 a.m.30 views

CVE-2022-48910

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6mcdown at most once There are two reasons for addrconfnotify to be called with NETDEVDOWN: either the network device is actually going down, or IPv6 was disabled on the interface. If either of them...

5.5CVSS0.0021EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/07/16 11:44 a.m.26 views

CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...

0.00199EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/12 3:23 p.m.15 views

CVE-2024-30386 Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service DoS. In an EVPN-VXLAN scenario, when state updates are received and...

7.1CVSS6.8AI score0.00267EPSS
Exploits0References2
OSV
OSV
added 2024/02/28 9:15 a.m.6 views

UBUNTU-CVE-2021-46978

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

7.8CVSS6.6AI score0.00241EPSS
Exploits0References7
OSV
OSV
added 2024/01/03 9:48 p.m.22 views

GHSA-27WG-99G8-2V4V Rust EVM erroneousle handles `record_external_operation` error return

Impact In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or CREATE2, in the case that the substack execution...

5.9CVSS7.4AI score0.00577EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/01/03 9:48 p.m.19 views

Rust EVM erroneousle handles `record_external_operation` error return

Impact In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or CREATE2, in the case that the substack execution...

7.5CVSS7AI score0.00577EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/01/02 10:15 p.m.15 views

CVE-2024-21629

Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...

7.5CVSS6.2AI score0.00577EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/01/02 9:26 p.m.3 views

CVE-2024-21629 Erroneous handling of `record_external_operation` error return

Rust EVM is an Ethereum Virtual Machine interpreter. In rust-evm, a feature called recordexternaloperation was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a CREATE or...

5.9CVSS7.1AI score0.00577EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

EFACEC BCU 500 Cross-Site Request Forgery Vulnerability

The EFACEC BCU 500 is a programmable control system from EFACEC Portugal. The EFACEC BCU 500 suffers from a cross-site request forgery vulnerability that stems from susceptibility to a cross-site request forgery CSRF attack, which could force a user to perform a state change request on an...

8.8CVSS6.7AI score0.00254EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/11/20 7:15 p.m.4 views

CVE-2023-38885

OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery CSRF protection throughout the whole app. This may allow an attacker to trick an authenticated user into performing any kind of state changing request...

8.8CVSS5.6AI score0.00365EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.4 views

kernel: drm/amd/display: fix FCLK pstate change underflow

A calculation flaw was found in the AMD display driver in the Linux kernel. When UCLK p-state is not supported, FCLK p-state change watermarks are incorrectly calculated using dummy values, potentially causing underflow. This can lead to display issues or system instability during power state...

5.8AI score0.00172EPSS
Exploits0References5
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.15 views

LiquidationQueue brings centralization risk in the contract.

Lines of code Vulnerability details Impact the owner has too much unilateral control over liquidations and can manipulate te country in the following ways: The owner of LiquidationQueue sees a profitable liquidation opportunity Before anyone else can liquidate, they use LiquidationQueue to place ...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/05 12:0 a.m.11 views

Reentrancy Vulnerability: The contract inherits from the ReentrancyGuard contract, which smay be vulnerable to reentrancy attacks if not properly handled in the contract's logic.

Lines of code Vulnerability details Impact The impact of the reentrancy vulnerability in the incrementGaugeWeight function can be summarized as follows: Loss of Funds: Attackers can drain funds from the contract or manipulate balances. Unexpected State Changes: Manipulation of variables can lead ...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/06/23 12:0 a.m.6 views

Missing store revert in case of swap error can lead to loss of funds

Lines of code Vulnerability details Impact The module is expected to have no state changes in case a swap failed, and continue to the conversion phase. It was implemented by swallowing the error with a log and continuing with the flow erc20 conversion, etc. This is the relevant code section:...

6.9AI score
Exploits0
PyPA
PyPA
added 2023/05/26 2:15 p.m.10 views

PYSEC-2023-66

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that...

6.5CVSS6.8AI score0.00941EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2023/05/26 1:44 p.m.39 views

CVE-2022-39374

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that...

6.5CVSS6.3AI score0.00941EPSS
Exploits0
Rows per page
Query Builder