9067 matches found

UbuntuCve
added 2024/10/11 3:15 p.m., 10 views

CVE-2024-45397

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by...

CVSS 7.5 | AI score 6 | EPSS 0.00438
Exploits: 0 | References: 4

SUSE CVE
added 2024/10/11 3:2 a.m., 1 view

SUSE CVE-2024-38229

unknown...

CVSS 8.1 | AI score 7 | EPSS 0.02049
Exploits: 0 | References: 4

SUSE CVE
added 2024/10/11 2:54 a.m., 1 view

SUSE CVE-2024-43483

unknown...

CVSS 7.5 | AI score 9.3 | EPSS 0.02833
Exploits: 0 | References: 6

UbuntuCve
added 2024/10/11 12:0 a.m., 13 views

CVE-2024-48958

execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst...

CVSS 7.8 | AI score 6.7 | EPSS 0.00551
Exploits: 1 | References: 5

UbuntuCve
added 2024/10/10 1:0 p.m., 4 views

CVE-2024-9312

Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges...

CVSS 7.5 | AI score 7 | EPSS 0.0028
Exploits: 1 | References: 2

UbuntuCve
added 2024/10/10 7:15 a.m., 7 views

CVE-2024-9781

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file...

CVSS 7.8 | AI score 6.9 | EPSS 0.00306
Exploits: 0 | References: 3

UbuntuCve
added 2024/10/09 11:15 p.m., 10 views

CVE-2024-48933

A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set to a non-default value that allows special HTML characters...

CVSS 6.1 | AI score 5.9 | EPSS 0.003
Exploits: 0 | References: 2

UbuntuCve
added 2024/10/09 7:15 p.m., 9 views

CVE-2024-47828

ampache is a web based audio/video streaming application and file manager. A CSRF attack can be performed in order to delete objects (Playlist, smartlist etc.). Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they a...

CVSS 6.5 | AI score 6 | EPSS 0.00288
Exploits: 1 | References: 2

UbuntuCve
added 2024/10/09 6:15 p.m., 6 views

CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

CVSS 2.9 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 3

Wolfi
added 2024/10/09 3:15 p.m., 18 views

CVE-2024-9675 vulnerabilities

Vulnerabilities for packages: buildah...

CVSS 7.8 | AI score 7.1 | EPSS 0.00392
Exploits: 0

UbuntuCve
added 2024/10/09 3:15 p.m., 9 views

CVE-2024-47661

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32_t to uint8_t WHAT & HOW dmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned 0xFFFF. Fix it by changing it to uint8_t with value of 0xFF. This fixes 2 INTEGER_OVERFLOW issues...

CVSS 5.5 | AI score 6.3 | EPSS 0.0018
Exploits: 0 | References: 8

UbuntuCve
added 2024/10/09 3:15 p.m., 6 views

CVE-2024-47668

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated no...

CVSS 4.7 | AI score 6.3 | EPSS 0.00161
Exploits: 0 | References: 24

UbuntuCve
added 2024/10/09 3:15 p.m., 4 views

CVE-2024-47671

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields...

CVSS 5.5 | AI score 6.4 | EPSS 0.00221
Exploits: 0 | References: 39

UbuntuCve
added 2024/10/09 3:15 p.m., 6 views

CVE-2024-47670

In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_xattr_find_entry Add a paranoia check to make sure it doesn't stray beyond valid memory region containing ocfs2 xattr entries when scanning for a match. It will prevent out-of-bound access in case...

CVSS 7.8 | AI score 6.6 | EPSS 0.00239
Exploits: 0 | References: 35

UbuntuCve
added 2024/10/09 3:15 p.m., 13 views

CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

CVSS 7.8 | AI score 7 | EPSS 0.00392
Exploits: 0 | References: 4

UbuntuCve
added 2024/10/09 3:15 p.m., 5 views

CVE-2024-47666

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. The problem arises when...

CVSS 5.5 | AI score 6.4 | EPSS 0.00208
Exploits: 0 | References: 19

UbuntuCve
added 2024/10/09 3:15 p.m., 4 views

CVE-2024-47665

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON in IBI DMA setup Definitely condition dma_get_cache_alignment defined value 256 during driver initialization is not reason to BUG_ON. Turn that to graceful error out with -EINVAL...

CVSS 5.5 | AI score 6.4 | EPSS 0.00207
Exploits: 0 | References: 16

UbuntuCve
added 2024/10/09 2:15 p.m., 6 views

CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags function can take a significant amount of time. Since the bulk of this function...

CVSS 4.7 | AI score 6.4 | EPSS 0.00159
Exploits: 0 | References: 17

UbuntuCve
added 2024/10/09 2:15 p.m., 7 views

CVE-2024-47659

In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. So, 1...

CVSS 8.8 | AI score 6.7 | EPSS 0.0084
Exploits: 0 | References: 33

UbuntuCve
added 2024/10/09 12:15 p.m., 10 views

CVE-2024-28168

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...

CVSS 7.5 | AI score 6.7 | EPSS 0.01003
Exploits: 0 | References: 5