Lucene search
K

7041 matches found

SUSE CVE
SUSE CVE
added 2025/02/27 3:12 a.m.4 views

SUSE CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

3.3CVSS6.5AI score0.00252EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/02/27 2:12 a.m.17 views

CVE-2025-21754 btrfs: fix assertion failure when splitting ordered extent after transaction abort

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion failure when splitting ordered extent after transaction abort If while we are doing a direct IO write a transaction abort happens, we mark all existing ordered extents with the BTRFSORDEREDIOERR flag done at...

0.00213EPSS
Exploits0References4
CVE
CVE
added 2025/02/27 2:12 a.m.108 views

CVE-2025-21754

The CVE-2025-21754 affects Linux kernel btrfs behavior. When a direct IO write triggers a transaction abort, ordered extents are marked with BTRFS_ORDERED_IOERR, and if an ordered extent still has bytes remaining, btrfs_split_ordered_extent() asserts on flags. The documented root cause is an asse...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the btrfssplitorderedextent function not properly handling the BTRFSORDEREDIOERR flag when handling a...

5.5CVSS6.5AI score0.00213EPSS
Exploits0References6
OSV
OSV
added 2025/02/26 7:0 a.m.1 views

DEBIAN-CVE-2022-49089

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

4.7CVSS5.3AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.3 views

DEBIAN-CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.3 views

UBUNTU-CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/02/26 1:54 a.m.13 views

CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

0.00156EPSS
Exploits0References6
OSV
OSV
added 2025/02/26 1:54 a.m.9 views

CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

4.7CVSS5.2AI score0.00156EPSS
Exploits0References9
OSV
OSV
added 2025/02/25 3:15 p.m.2 views

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

5.7CVSS5.8AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.5 views

PT-2025-7887

Name of the Vulnerable Software and Affected Versions FlexRIC version 2.0.0 Description An issue was discovered that causes FlexRIC to crash during a denial-of-service DoS attack. This is triggered by an assertion error when an attacker sends a high number of E42 Subscription Requests to the...

5.7CVSS5.4AI score0.0023EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/25 12:0 a.m.5 views

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

5.5AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/25 12:0 a.m.9 views

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.5 views

FlexRIC 安全漏洞

FlexRIC is a RAN Intelligent Controller open-sourced by Mosaic5G. A security vulnerability exists in FlexRIC version 2.0.0 that stems from the presence of an assertion error that could lead to a denial of service DoS...

5.7CVSS6.5AI score0.0023EPSS
Exploits0References2
Veracode
Veracode
added 2025/02/24 1:41 p.m.3 views

Authentication Bypass

CIE.AspNetCore.Authentication is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation due to a flaw in the handling of SAML assertions, allowing an attacker to inject a signed element that bypasses verification and enables impersonation of any Spid or CIE...

9.1CVSS6.9AI score0.0056EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/18 6:39 p.m.7 views

CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication

CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...

9.1CVSS6.7AI score0.0056EPSS
Exploits0References3
OSV
OSV
added 2025/02/18 6:39 p.m.5 views

CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication

SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...

9.1CVSS6.8AI score0.0056EPSS
Exploits0References3
CNVD
CNVD
added 2025/02/18 12:0 a.m.3 views

GNU C Library Buffer Overflow Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...

7.5CVSS6.6AI score0.00349EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/18 12:0 a.m.3 views

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from a reachable assertion triggered by a specially crafted AAC file, which could lead to a denial of service...

6.5CVSS5.7AI score0.00393EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/18 12:0 a.m.6 views

CVE-2025-22919

A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...

6.5CVSS5.7AI score0.00393EPSS
Exploits0
Rows per page
Query Builder