Lucene search
K

8527 matches found

Debian CVE
Debian CVE
added 2024/08/06 12:38 p.m.17 views

CVE-2024-7522

Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

9.1CVSS7.4AI score0.00598EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/08/06 2:2 a.m.3 views

SUSE CVE-2024-41018

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attrnames and oatbl Added out-of-bound checking for ane ATTRNAMEENTRY...

5.5CVSS7.7AI score0.0022EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/08/06 2:2 a.m.2 views

SUSE CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

5.5CVSS7.5AI score0.00268EPSS
Exploits0References3
Amazon
Amazon
added 2024/08/06 12:0 a.m.3 views

Medium: python-lxml

Issue Overview: An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this...

6.1CVSS6.8AI score0.04002EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.1 views

jfs: xattr: fix buffer overflow for invalid xattr

...

7.8CVSS7.3AI score0.00317EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2024/07/31 9:13 a.m.19 views

CVE-2024-41029

A vulnerability was found in the nvmem subsystem in the Linux kernel. This issue allows excessive permissions for the cell sysfs attribute, potentially exposing sensitive data beyond what is permitted for the main attribute. Mitigation Mitigation for this issue is either not available or the...

7.1CVSS6.2AI score0.00268EPSS
Exploits0References4
OSV
OSV
added 2024/07/30 8:15 a.m.2 views

DEBIAN-CVE-2024-42114

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...

4.4CVSS5.5AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.1 views

UBUNTU-CVE-2024-42160

In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fsbuildfaultattr - It missed to check validation of fault attrs in parseoptions, let's fix to add check condition in f2fsbuildfaultattr. - Use f2fsbuildfaultattr in sbistore to clean up...

7.8CVSS6.5AI score0.00239EPSS
Exploits0References24
OSV
OSV
added 2024/07/30 8:15 a.m.3 views

UBUNTU-CVE-2024-42114

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...

4.4CVSS6.1AI score0.00174EPSS
Exploits0References20
Cvelist
Cvelist
added 2024/07/30 7:47 a.m.33 views

CVE-2024-42160 f2fs: check validation of fault attrs in f2fs_build_fault_attr()

In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fsbuildfaultattr - It missed to check validation of fault attrs in parseoptions, let's fix to add check condition in f2fsbuildfaultattr. - Use f2fsbuildfaultattr in sbistore to clean up...

0.00239EPSS
Exploits0References5
OSV
OSV
added 2024/07/29 6:15 p.m.2 views

DEBIAN-CVE-2024-42091

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid future use case and will cause NPD when...

5.5CVSS4.8AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.4 views

AZL-47980 CVE-2024-41076 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4setsecuritylabel We leak nfsfattr and nfs4label every time we set a security xattr...

5.5CVSS6.7AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.1 views

DEBIAN-CVE-2024-41076

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4setsecuritylabel We leak nfsfattr and nfs4label every time we set a security xattr...

5.5CVSS5.5AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.1 views

DEBIAN-CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

5.5CVSS6.1AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.3 views

UBUNTU-CVE-2024-41076

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4setsecuritylabel We leak nfsfattr and nfs4label every time we set a security xattr...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References17
OSV
OSV
added 2024/07/29 3:15 p.m.3 views

UBUNTU-CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmem data than the main attribute itself. For example if nvmeconfig::rootonly was set, the cell...

5.5CVSS5.7AI score0.00268EPSS
Exploits0References15
CVE
CVE
added 2024/07/29 2:31 p.m.68 views

CVE-2024-41029

CVE-2024-41029 — Linux kernel (nvmem/core) Affected: Linux kernel components handling non-volatile memory (nvmem). Issue: the cell sysfs attribute could expose more access to nvmem data than the main attribute, e.g., when nvme_config::root_only was set, the cell attribute still allowed reads for ...

5.5CVSS6.4AI score0.00268EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/07/29 7:15 a.m.3 views

DEBIAN-CVE-2024-41017

In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the unit sysfs attribute should not provide more access to nvmem data than the main attribute...

5.5CVSS7.1AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check before traversing the members of the ealist to ensure that each ea remains within the scope o...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References10
Rows per page
Query Builder