Lucene search
K

4358 matches found

OSV
OSV
added 2022/04/24 8:52 p.m.8 views

GSD-2022-1001190 net: dsa: fix panic on shutdown if multi-chip tree failed to probe

net: dsa: fix panic on shutdown if multi-chip tree failed to probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

7.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/14 1:15 p.m.2 views

CVE-2022-26507

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...

9.8CVSS7.5AI score0.02545EPSS
Exploits9References3
OSV
OSV
added 2022/04/14 1:15 p.m.5 views

CVE-2022-26507

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...

9.8CVSS6.3AI score
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2022/03/31 7:0 a.m.4 views

A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.

...

5.5CVSS7.2AI score0.004EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.7 views

The vulnerability in the fs/quota/quota_tree.c component of Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the fs/quota/quotatree.c component in Linux operating systems is related to the use of memory after it is freed during the checking of the block number in the fs/quota/quotatree.c file. Exploiting this vulnerability can allow an attacker to cause a service failure...

9.3CVSS6.5AI score0.01339EPSS
Exploits1References18Affected Software3
Microsoft CVE
Microsoft CVE
added 2022/03/24 7:0 a.m.7 views

In the Linux kernel before 5.15.3 fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can for example lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.

...

5.5CVSS7.2AI score0.01339EPSS
Exploits1
OSV
OSV
added 2022/03/23 8:15 p.m.1 views

DEBIAN-CVE-2021-4149

A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...

5.5CVSS5.9AI score0.004EPSS
Exploits1References1
OSV
OSV
added 2022/03/23 8:15 p.m.3 views

UBUNTU-CVE-2021-4149

A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...

5.5CVSS6.6AI score0.004EPSS
Exploits1References7
Cvelist
Cvelist
added 2022/03/23 7:46 p.m.40 views

CVE-2021-4149

A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem...

6.2AI score0.004EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/03/22 12:0 a.m.5 views

PT-2022-17319 · Tcpprep +2 · Tcpprep +2

Name of the Vulnerable Software and Affected Versions: tcpprep version 4.4.1 Description: The issue is related to a reachable assertion in the packet2tree function at tree.c in tcpprep. This assertion is assertl2len 0, indicating a potential problem when the l2len variable is not greater than 0...

7.8CVSS6.5AI score0.01918EPSS
Exploits11References32
NVD
NVD
added 2022/03/18 7:15 a.m.20 views

CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

5.5CVSS0.01339EPSS
Exploits1References6
OSV
OSV
added 2022/03/18 7:15 a.m.7 views

DEBIAN-CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

5.5CVSS6.4AI score0.01339EPSS
Exploits1References1
OSV
OSV
added 2022/03/18 7:15 a.m.2 views

UBUNTU-CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

5.5CVSS6.7AI score0.01339EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2022/03/18 7:15 a.m.40 views

CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

5.5CVSS6.7AI score0.01339EPSS
Exploits1References9
Cvelist
Cvelist
added 2022/03/18 6:22 a.m.27 views

CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

6.3AI score0.01339EPSS
Exploits1References6
OSV
OSV
added 2022/03/13 2:15 a.m.7 views

CVE-2021-45888

An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...

4.8CVSS5.8AI score0.00576EPSS
Exploits1References2
NVD
NVD
added 2022/03/13 2:15 a.m.13 views

CVE-2021-45888

An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...

4.8CVSS0.00576EPSS
Exploits1References2
Prion
Prion
added 2022/03/13 2:15 a.m.13 views

Design/Logic Flaw

An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role...

3.5CVSS5.3AI score0.00576EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2022/03/10 3:7 p.m.81 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9CVSS7.1AI score0.88106EPSS
Exploits119References9
OSV
OSV
added 2022/03/10 2:37 p.m.50 views

RLSA-2022:0819 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: improper initialization of the "flags" member of the new pipebuffer CVE-2022-0847 kernel: Use After Free in unixgc which could...

8.8CVSS8AI score0.88106EPSS
Exploits119References8
Rows per page
Query Builder