Lucene search
K

149 matches found

OSV
OSV
added 2024/03/18 11:15 a.m.3 views

UBUNTU-CVE-2023-52618

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

5.3CVSS6AI score0.00738EPSS
Exploits0References22
Cvelist
Cvelist
added 2024/03/18 10:19 a.m.28 views

CVE-2023-52618 block/rnbd-srv: Check for unlikely string overflow

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

7.6AI score0.00738EPSS
Exploits0References6
CVE
CVE
added 2024/03/18 10:19 a.m.118 views

CVE-2023-52618

CVE-2023-52618 affects the Linux kernel’s block/rnbd-srv path. The issue stems from copying dev_search_path and a second string into full_path, each sized PATH_MAX, which could truncate. The root cause was a potential truncation in snprintf(full_path, PATH_MAX, "%s/%s", dev_search_path, dev_name)...

5.3CVSS6.1AI score0.00738EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/18 10:19 a.m.22 views

CVE-2023-52618 block/rnbd-srv: Check for unlikely string overflow

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

6.7AI score0.00738EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/03/18 10:19 a.m.22 views

CVE-2023-52618

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

5.3CVSS7.2AI score0.00738EPSS
Exploits0
OSV
OSV
added 2024/03/18 10:19 a.m.5 views

CVE-2023-52618 block/rnbd-srv: Check for unlikely string overflow

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflow Since "devsearchpath" can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into "fullpath" since it was also PATHMAX sized...

5.3CVSS5.9AI score0.00738EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.3 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a string overflow vulnerability in block/rnbd-srv...

5.3CVSS4.8AI score0.00738EPSS
Exploits0References9
OSV
OSV
added 2024/02/23 2:46 p.m.5 views

CVE-2023-52464 EDAC/thunderx: Fix possible out-of-bounds string access

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat: drivers/edac/thunderxedac.c: In function 'thunderxocxcomthreadedisr':...

7.8CVSS5.9AI score0.00266EPSS
Exploits0References13
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.5 views

Asrmicro ASR1803, ASR1806 Security Vulnerabilities

The Asrmicro ASR1803 and Asrmicro ASR1806 are both chips from Avantage Technology Asrmicro, a Chinese company. A security vulnerability exists in the Asrmicro ASR1803, ASR1806, which stems from a security best practice violation whereby string operations in streaming media will write to the end o...

7.5CVSS7AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2023/10/26 8:25 p.m.8 views

CLSA-2023-1698351940 vim: Fix of 2 CVEs

CVE-2023-5441: segfault in exmode - CVE-2023-5344: buffer overflow in truncstring...

7.5CVSS6.9AI score0.0119EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.3 views

SUSE CVE-2008-4575

Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service crash via 1 a long -cmd argument and 2 unspecified vectors related to "a bunch of potential string overflows."...

5CVSS7.1AI score0.01725EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.2 views

SUSE CVE-2018-14598

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS segmentation fault...

6.5CVSS7AI score0.04229EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2022/10/26 8:5 p.m.6 views

expat: Integer overflow in copyString()

An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...

7.5CVSS7.3AI score0.04654EPSS
Exploits0References5
OSV
OSV
added 2022/08/17 5:26 p.m.14 views

CLSA-2022-1660757175 Fixed 15 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

9.8CVSS7.2AI score0.34174EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2022/06/09 12:0 a.m.44 views

git -- Multiple vulnerabilities

This release contains 2 security fixes: CVE-2022-39253 When relying on the --local clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks or copies of the dereferenced link in the destination repository. This can lead to surprising behavior where...

8.8CVSS8.5AI score0.02938EPSS
Exploits1References1
OSV
OSV
added 2021/12/27 5:36 a.m.12 views

GSD-2021-1002689 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by commit...

7.5AI score
Exploits0
OSV
OSV
added 2021/12/27 5:35 a.m.14 views

GSD-2021-1002665 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

7.5AI score
Exploits0
OSV
OSV
added 2021/12/27 5:31 a.m.15 views

GSD-2021-1002645 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

7.5AI score
Exploits0
OSV
OSV
added 2021/12/27 5:28 a.m.17 views

GSD-2021-1002630 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

firmware: armscpi: Fix string overflow in SCPI genpd driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.259 by commit...

7.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/10/19 1:52 p.m.5 views

redis: Integer overflow issue with strings

An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...

7.5CVSS7.7AI score0.03422EPSS
Exploits0References5
Rows per page
Query Builder