Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
OSV
OSV
added 2026/03/09 8:50 a.m.8 views

CLSA-2026-1773046198 kernel: Fix of 31 CVEs

smb3: fix for slab out of bounds on mount to ksmbd CVE-2025-38728 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - ALSA: usb-audio: Validate UAC3 power domain descriptors, too CVE-2025-38729 - net: atm: fix /proc/net/atm/lec handling CVE-2025-38180 - tcpbpf:...

7.8CVSS7AI score0.0033EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2025/09/17 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will eventually be called to set up the device with the input layer...

7.8CVSS6.3AI score0.00152EPSS
Exploits0References3
OSV
OSV
added 2025/09/16 1:16 p.m.8 views

AZL-67422 CVE-2025-39824 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will eventually be called to set up the device with the input layer since the HIDCONNECTDEFAULT connect mask is used. During...

7.8CVSS5.3AI score0.00152EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/01/30 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6604-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.12405EPSS
Exploits2References2
OSV
OSV
added 2024/01/29 10:27 p.m.8 views

USN-6604-2 linux-azure, linux-azure-4.15 vulnerabilities

It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service system crash. CVE-2023-1079 Jana Hofman...

7.8CVSS6.9AI score0.12405EPSS
Exploits2References7
OSV
OSV
added 2024/01/25 9:6 p.m.4 views

USN-6604-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service system crash. CVE-2023-1079 Jana Hofman...

7.8CVSS6.9AI score0.12405EPSS
Exploits2References7
Ubuntu
Ubuntu
added 2023/07/27 12:26 p.m.73 views

USN-6256-1: Linux kernel (IoT) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

7.8CVSS7.3AI score0.16642EPSS
Exploits13References2
Ubuntu
Ubuntu
added 2023/07/12 7:31 p.m.63 views

USN-6223-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.7AI score0.01377EPSS
Exploits5References2
OSV
OSV
added 2023/07/12 7:31 p.m.14 views

USN-6223-1 linux-azure-fde vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.7AI score0.01377EPSS
Exploits5References12
Ubuntu
Ubuntu
added 2023/07/12 7:9 p.m.69 views

USN-6222-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

7.8CVSS7.2AI score0.16642EPSS
Exploits12
OSV
OSV
added 2023/07/06 7:0 p.m.6 views

USN-6207-1 linux-intel-iotg vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References9
OSV
OSV
added 2023/06/22 12:41 p.m.6 views

USN-6185-1 linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-oracle, linux-raspi vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References9
Ubuntu
Ubuntu
added 2023/06/22 12:41 p.m.66 views

USN-6185-1: Linux kernel vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.4AI score0.01377EPSS
Exploits4
OSV
OSV
added 2023/06/16 7:47 p.m.6 views

USN-6172-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References9
OSV
OSV
added 2023/06/16 4:19 p.m.11 views

USN-6171-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities

William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the TUN/TAP driver in t...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References10
Ubuntu
Ubuntu
added 2023/04/19 6:8 p.m.94 views

USN-6033-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01377EPSS
Exploits5
OSV
OSV
added 2023/04/19 6:8 p.m.9 views

USN-6033-1 linux-oem-6.1 vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.9AI score0.01377EPSS
Exploits5References18
RedhatCVE
RedhatCVE
added 2023/02/27 6:30 p.m.60 views

CVE-2023-1079

A use-after-free flaw was found in asuskbdbacklightset in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem. Mitigation This flaw can be...

6.8CVSS6.6AI score0.00454EPSS
Exploits0References4
0day.today
0day.today
added 2021/05/20 12:0 a.m.54 views

ASUS HID Access Service 1.0.94.0 - (AsHidSrv.exe) Unquoted Service Path Vulnerability

Exploit Title: ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path Exploit Author: Alejandra Sánchez Vendor Homepage: www.asus.com Version: 1.0.94.0 Tested on: Windows 10 Pro x64 es Description: ATK Hotkey 1.0.94.0 suffers from an unquoted search path issue impacting the servi...

0.6AI score
Exploits0
Rows per page
Query Builder