Lucene search
K

9 matches found

Github Security Blog
Github Security Blog
added 2026/04/04 6:33 a.m.11 views

libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers

Summary found that libp2p-rendezvous server has no limit on how many namespaces a single peer can register. a malicious peer can just keep registering unique namespaces in a loop and the server happily accepts every single one allocating memory for each registration with no pushback. keep doing...

7.5CVSS5.5AI score0.00395EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2025/09/18 4:4 p.m.31 views

CVE-2022-50419

CVE-2022-50419 concerns the Linux kernel Bluetooth subsystem, specifically the hci_sysfs path. The public description states that the issue arises from attempting to call device_add multiple times for a single device structure, violating documented expectations that device_add() (and device_regis...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-49686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix list double add in uvcgvideopump A panic can occur if the endpoint...

7.8CVSS5.4AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 11:15 a.m.4 views

UBUNTU-CVE-2022-49999

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing spacecache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" EEXIST errors. 2. Missing free space info...

7.8CVSS6.1AI score0.00211EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a double-add problem in uvcgvideopump...

7.8CVSS5.5AI score0.00234EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid adding an interface to the list twice when SER occurs. If SER L2 occurs during the WoWLAN resume flow, the interface addition process is triggered by ieee80211reconfig. However, due to the return failure of...

5.5CVSS6.3AI score0.00235EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/08/24 2:30 a.m.3 views

SUSE CVE-2020-22218

An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory...

7.5CVSS7AI score0.00914EPSS
Exploits0References9
OSV
OSV
added 2023/08/22 7:16 p.m.4 views

DEBIAN-CVE-2020-26683

A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information...

5.5CVSS5.4AI score0.00282EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2022/11/09 8:0 a.m.3 views

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword which is mishandled because arithmetic ADD is used instead of bitwise OR.

...

7.8CVSS7.6AI score0.00658EPSS
Exploits5
Rows per page
Query Builder