
6769 matches found

OSV
added 2025/02/26 7:1 a.m., 2 views

DEBIAN-CVE-2022-49325

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd. We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...

CVSS 5.5, AI score 5.5, EPSS 0.00246
Exploits 0, References 1
OSV
added 2025/02/26 7:1 a.m., 1 view

UBUNTU-CVE-2022-49325

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd. We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...

CVSS 5.5, AI score 6.1, EPSS 0.00246
Exploits 0, References 7
OSV
added 2025/02/26 7:0 a.m., 3 views

UBUNTU-CVE-2022-49189

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG. The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

CVSS 5.5, AI score 6.2, EPSS 0.00247
Exploits 0, References 9
OSV
added 2025/02/26 2:14 a.m., 11 views

CVE-2022-49553 fs/ntfs3: validate BOOT sectors_per_clusters

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters. When the NTFS BOOT sectors_per_clusters field is 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return...

CVSS 5.5, AI score 6, EPSS 0.00239
Exploits 0, References 7
Debian CVE
added 2025/02/26 2:14 a.m., 11 views

CVE-2022-49553

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters. When the NTFS BOOT sectors_per_clusters field is 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return...

CVSS 5.5, AI score 5.4, EPSS 0.00239
Exploits 0
CVE
added 2025/02/26 2:11 a.m., 68 views

CVE-2022-49387

CVE-2022-49387 concerns the Linux kernel watchdog driver rzg2l_wdt. The root cause is a 32-bit overflow in timer_cycle_us that can yield 0, e.g., when a counter like 0xfff is used to compute maxval. The provided connected documents confirm a patch that promotes values to 64-bit by appending ULL t...

CVSS 5.5, AI score 5.6, EPSS 0.00237
Exploits 0, References 3, Affected Software 1
OSV
added 2025/02/26 2:11 a.m., 11 views

CVE-2022-49387 watchdog: rzg2l_wdt: Fix 32bit overflow issue

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue. The value of timer_cycle_us can be 0 due to 32bit overflow. For eg:- If we assign the counter value "0xfff" for computing maxval. This patch fixes this issue by appending ULL to 1024, so...

CVSS 5.5, AI score 5.1, EPSS 0.00237
Exploits 0, References 6
Debian CVE
added 2025/02/26 2:10 a.m., 8 views

CVE-2022-49325

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd. We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...

CVSS 5.5, AI score 5.5, EPSS 0.00246
Exploits 0
CVE
added 2025/02/26 1:56 a.m., 144 views

CVE-2022-49235

CVE-2022-49235 corresponds to a Linux kernel issue where ath9k_htc uninitialized fields caused two KMSAN bugs. The reports state that in htc_connect_service() svc_meta_len and pad were not initialized (suggesting setting svc_meta_len to 0 when no service data is present) and in htc_issue_send() t...

CVSS 5.5, AI score 5.6, EPSS 0.00253
Exploits 0, References 9, Affected Software 1
OSV
added 2025/02/26 1:56 a.m., 11 views

CVE-2022-49235 ath9k_htc: fix uninit value bugs

In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs. Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htc_connect_service() svc_meta_len and pad are not initialized. Based on code it looks like in current sk...

CVSS 5.5, AI score 5.4, EPSS 0.00253
Exploits 0, References 12
CVE
added 2025/02/26 1:55 a.m., 95 views

CVE-2022-49189

CVE-2022-49189: In the Linux kernel (clk-rcg2, Qualcomm display pixel clock), final D calculation for the M/N ratio could fall outside the accepted range, causing underflow. The fix updates the D-value calculation to respect the valid range for given M and N, preventing underflow. Affected compo...

CVSS 5.5, AI score 5.4, EPSS 0.00247
Exploits 0, References 6, Affected Software 1
CNNVD
added 2025/02/26 12:0 a.m., 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a null pointer dereference due to unchecked dev_set_name return values...

CVSS 5.5, AI score 6.3, EPSS 0.00245
Exploits 0, References 4
CNNVD
added 2025/02/25 12:0 a.m., 2 views

X.Org and Xwayland resource management error vulnerability

X.Org is an open source free software from the X.Org Foundation. Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A resource management error vulnerability exists in X.Org and Xwayland that stems from evaluating chan...

CVSS 7.8, AI score 7.5, EPSS 0.0035
Exploits 0, References 3
OSV
added 2025/02/20 7:15 p.m., 4 views

CVE-2023-51336

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

CVSS 8.8, AI score 6, EPSS 0.00593
Exploits 1, References 3
OSV
added 2025/02/20 5:40 p.m., 4 views

USN-7278-1 openssl vulnerabilities

George Pantelakis and Alicja Kario discovered that OpenSSL had a timing side-channel when performing ECDSA signature computations. A remote attacker could possibly use this issue to recover private data. (CVE-2024-13176) It was discovered that OpenSSL incorrectly handled certain memory operations...

CVSS 4.3, AI score 6.9, EPSS 0.05966
Exploits 0, References 3
OSV
added 2025/02/20 4:15 p.m., 3 views

CVE-2023-51331

PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

CVSS 6.5, AI score 5.9, EPSS 0.00466
Exploits 2, References 3
OSV
added 2025/02/20 4:15 p.m., 5 views

CVE-2023-51319

PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

CVSS 8.8, AI score 5.9, EPSS 0.00635
Exploits 2, References 3
OSV
added 2025/02/20 3:15 p.m., 4 views

CVE-2023-51313

PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV fi...

CVSS 8.8, AI score 5.9, EPSS 0.00556
Exploits 2, References 2
Positive Technologies
added 2025/02/20 12:0 a.m., 4 views

PT-2025-7316 · Phpjabbers · Phpjabbers Meeting Room Booking System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Meeting Room Booking System version 1.0. Description: The issue is related to a CSV Injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation on the...

CVSS 8.8, AI score 7.6, EPSS 0.00593
Exploits 1, References 8
Positive Technologies
added 2025/02/20 12:0 a.m., 5 views

PT-2025-7302 · Phpjabbers · Phpjabbers Bus Reservation System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Bus Reservation System version 1.1. Description: The issue allows an attacker to execute remote code due to insufficient input validation in the Languages section Labels any parameters field in System Options, which is used to...

CVSS 8.8, AI score 8, EPSS 0.00635
Exploits 2, References 5