CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

637 matches found

RedHat Linux•added 2024/11/12 9:11 a.m.•8 views

kernel: wireguard: netlink: check for dangling peer via is_dead instead of empty list

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via isdead instead of empty list If all peers are removed via wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list with a head on the stack of...

7.8CVSS6.7AI score0.00234EPSS

Exploits0References5

RedHat Linux•added 2024/11/12 9:11 a.m.•2 views

kernel: wireguard: receive: annotate data-race around receiving_counter.counter

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receivingcounter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the data rac...

4.7CVSS6.8AI score0.00177EPSS

Exploits0References5

RedHat Linux•added 2024/11/12 9:11 a.m.•1 views

kernel: wireguard: netlink: access device through ctx instead of peer

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer-device being dereferenced. It's actually easier and faster performance-wise to instead get the device from...

5.5CVSS6.8AI score0.00236EPSS

Exploits0References5

Redos•added 2024/10/28 12:0 a.m.•29 views

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

7CVSS7.5AI score0.00689EPSS

Exploits0

BDU FSTEC•added 2024/10/11 12:0 a.m.•2 views

The vulnerability of the swap_endian() function in the WireGuard subsystem of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the swapendian function in the drivers/net/wireguard/allowedips.c sub-module of the WireGuard subsystem in the Linux operating system is related to incorrect data reading. Exploiting this vulnerability could allow a attacker to cause a service failure...

5.5CVSS6.3AI score0.00228EPSS

Exploits0References27Affected Software6

Tenable Nessus•added 2024/09/12 12:0 a.m.•126 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12618)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12618 advisory. - net: mana: Fix possible double free in error handling path Ma Ke Orabug: 36897038 CVE-2024-42069 - net: relax socket state check at accept time...

7.8CVSS7.4AI score0.00478EPSS

Exploits1References139

Microsoft CVE•added 2024/09/11 7:0 a.m.•2 views

wireguard: netlink: access device through ctx instead of peer

...

5.5CVSS7.3AI score0.00236EPSS

Exploits0

Tenable Nessus•added 2024/08/30 12:0 a.m.•30 views

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26951)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26951 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for...

7.8CVSS6AI score0.00234EPSS

Exploits0References2

Tenable Nessus•added 2024/08/22 12:0 a.m.•15 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42247)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42247 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned...

5.5CVSS5.9AI score0.00228EPSS

Exploits0References2

Tenable Nessus•added 2024/08/17 12:0 a.m.•30 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-068)

The version of kernel installed on the remote host is prior to 5.10.215-203.850. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-068 advisory. In the Linux kernel, the following vulnerability has been resolved: block: add check that partition leng...

8.8CVSS6.8AI score0.00907EPSS

Exploits0References94

Tenable Nessus•added 2024/08/17 12:0 a.m.•21 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2024-049 (ALASKERNEL-5.15-2024-049)

The version of kernel installed on the remote host is prior to 5.15.156-102.160. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-049 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master...

9.1CVSS6.8AI score0.01401EPSS

Exploits0References110

Microsoft CVE•added 2024/08/16 7:0 a.m.•3 views

wireguard: allowedips: avoid unaligned 64-bit memory accesses

...

5.5CVSS7.3AI score0.00228EPSS

Exploits0

RedhatCVE•added 2024/08/08 5:47 p.m.•14 views

CVE-2024-42247

In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swapendian tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned...

4.4CVSS7.1AI score0.00228EPSS

Exploits0References4