Lucene search
K

49 matches found

UbuntuCve
UbuntuCve
added 2024/11/08 6:15 a.m.11 views

CVE-2024-50176

In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should be initialized. E.g., this could cause the first cor...

5.5CVSS6.4AI score0.0022EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2024/11/07 10:15 a.m.11 views

CVE-2024-50149

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't free job in TDR Freeing job in TDR is not safe as TDR can pass the runjob thread resulting in UAF. It is only safe for free job to naturally be called by the scheduler. Rather free job in TDR, add to pending list...

7.8CVSS5.9AI score0.00201EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/10/21 8:15 p.m.7 views

CVE-2024-50039

In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using qdiscpktlenskb on the assumption it is invariant between the enqueue and dequeue handlers. Unfortunately syzbot can crash a host rather easily...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References40
UbuntuCve
UbuntuCve
added 2024/10/21 6:15 p.m.10 views

CVE-2024-49960

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

7.8CVSS6.4AI score0.00277EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2024/10/15 8:15 p.m.11 views

CVE-2024-21210

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

3.7CVSS6.8AI score0.00827EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2024/09/10 12:0 a.m.12 views

CVE-2024-8645

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file...

5.5CVSS6.7AI score0.00207EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/07/22 3:15 p.m.12 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS6.4AI score0.25924EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/03/14 4:42 a.m.8 views

CVE-2023-25617 OS Command Execution vulnerability in SAP Business Objects Business Intelligence Platform (Adaptive Job Server)

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

9CVSS9.2AI score0.00926EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/03/16 3:0 p.m.35 views

CVE-2016-10187

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript...

5.5CVSS5.3AI score0.02793EPSS
Exploits1
Rows per page
Query Builder