Lucene search
K

180 matches found

OSV
OSV
added 2025/01/15 1:15 p.m.5 views

UBUNTU-CVE-2024-36476

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ibsge list' was...

5.5CVSS6.2AI score0.00224EPSS
Exploits0References36
Vulnrichment
Vulnrichment
added 2025/01/15 1:10 p.m.1 views

CVE-2024-36476 RDMA/rtrs: Ensure 'ib_sge list' is accessible

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ibsge list' was...

7.5AI score0.00224EPSS
Exploits0References6
OSV
OSV
added 2025/01/07 3:35 p.m.5 views

MAL-2025-27 Malicious code in cursor-always-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 614a7726e7b2899695d56d3b75f1f9179a6fcde5654913693b20e521e476840f The OpenSSF Package Analysis project identified 'cursor-always-local' @ 1.0.2 npm as malicious. It is considered malicious because: - The packag...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/07 3:35 p.m.4 views

Malicious code in cursor-always-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 614a7726e7b2899695d56d3b75f1f9179a6fcde5654913693b20e521e476840f The OpenSSF Package Analysis project identified 'cursor-always-local' @ 1.0.2 npm as malicious. It is considered malicious because: - The packag...

6.9AI score
Exploits0
Veracode
Veracode
added 2024/10/16 8:21 a.m.16 views

Always-Incorrect Control Flow Implementation

gradio is vulnerable to Always-Incorrect Control Flow Implementation. The vulnerability is due to the improper handling of the enablemonitoring flag. An attacker can access sensitive application analytics by directly requesting the /monitoring endpoint...

4.3CVSS6.5AI score0.00323EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/27 12:39 p.m.19 views

CVE-2024-46844 um: line: always fill *error_out in setup_one_line()

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...

6.9AI score0.00256EPSS
Exploits0References8
OSV
OSV
added 2024/09/19 4:11 p.m.4 views

USN-7024-1 tgt vulnerability

It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...

5.9CVSS5.8AI score0.00547EPSS
Exploits0References2
OSV
OSV
added 2024/07/11 2:5 a.m.9 views

MAL-2024-7544 Malicious code in sap-always (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5b6d3b5acd9b98712bf1b1c0babd85de045245395e42d961a8cfd6f3fab49662 The OpenSSF Package Analysis project identified 'sap-always' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/11 2:5 a.m.2 views

Malicious code in sap-always (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5b6d3b5acd9b98712bf1b1c0babd85de045245395e42d961a8cfd6f3fab49662 The OpenSSF Package Analysis project identified 'sap-always' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2024/06/24 2:15 p.m.9 views

AZL-42919 CVE-2024-38664 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdpsub: Always register bridge We must always register the DRM bridge, since zynqmpdphpdworkfunc calls drmbridgehpdnotify, which in turn expects hpdmutex to be initialized. We do this before zynqmpdpsubdrminit since tha...

7.8CVSS5.6AI score0.00201EPSS
Exploits0References1
ICS
ICS
added 2024/06/11 6:0 a.m.41 views

Rockwell Automation ControlLogix, GuardLogix, and CompactLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, CompactLogix Vulnerability : Always-Incorrect Control Flow Implementation 2. RISK EVALUATION Successful exploitation of this vulnerability could...

8.3CVSS6.4AI score0.00311EPSS
Exploits0References10
Oracle linux
Oracle linux
added 2024/05/23 12:0 a.m.382 views

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

5.9CVSS6.8AI score0.01051EPSS
Exploits4
OSV
OSV
added 2024/05/01 1:15 p.m.1 views

DEBIAN-CVE-2024-27027

In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpllxarefdel for multiple registrations Currently, if there are multiple registrations of the same pin on the same dpll device, following warnings are observed: WARNING: CPU: 5 PID: 2212 at drivers/dpll/dpllcore.c:143...

5.5CVSS5.6AI score0.00264EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.5 views

PT-2024-8229 · Podman · Podman

Name of the Vulnerable Software and Affected Versions: Podman affected versions not specified Description: A flaw in Podman may allow an attacker to create a specially crafted container that can exhaust resources in /dev/shm by creating a large number of IPC resources. This can lead to a...

8.7CVSS9.2AI score0.00545EPSS
Exploits0References21
OSV
OSV
added 2024/02/28 9:15 a.m.2 views

UBUNTU-CVE-2021-47025

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtkiommuruntimeresume always enable the clk, even if m4udom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning: 1.586104...

7.8CVSS5.7AI score0.0023EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/02 12:0 a.m.6 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a series of chipsets from Qualcomm Incorporated USA. The Qualcomm Chipsets suffer from a security vulnerability that stems from wearable device memory corruption when processing data from AON...

7.8CVSS7AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.5 views

PT-2023-32707 · Devolutions · Devolutions Workspace

Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2023.3.2.0 and earlier Description: The issue allows an attacker with access to the Workspace application to access credentials when offline, due to offline mode being always enabled, even if permission disallow...

6.5CVSS6.3AI score0.00589EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/09/07 12:11 p.m.57 views

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

5.5CVSS5.7AI score0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/07 12:11 p.m.12 views

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

5.5CVSS6.7AI score0.00182EPSS
Exploits0References2
OSV
OSV
added 2023/08/25 12:58 a.m.4 views

CVE-2023-40179 Silverware Games vulnerable to account enumeration via inconsistent responses

Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member o...

5.3CVSS6.9AI score0.00377EPSS
Exploits0References3
Rows per page
Query Builder