Lucene search
K

296 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-42083)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42083 advisory. - In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2025/01/27 7:21 a.m.11 views

BIT-RUBY-MIN-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...

5.3CVSS6.3AI score0.02564EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.6 views

The vulnerability of the sub_422eb8() function in Linksys E8450 Wi-Fi router software allows a hacker to induce a service failure.

The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogrammed software involves copying buffers without checking the size of the input data during the strcopy parameter processing. Exploiting this vulnerability can allow an attacker to cause service interruptions...

5.5CVSS5.4AI score0.00417EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2025/01/21 1:15 p.m.22 views

CVE-2024-57943

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

7.8CVSS0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-36282

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the as73211 driver related to the handling of buffers. Specifically, the vulnerability involves ensuring that buffers are zeroed before being...

7.1CVSS7AI score0.00162EPSS
Exploits0
OSV
OSV
added 2024/12/27 2:46 p.m.9 views

CLSA-2024-1735310784 Fix CVE(s): CVE-2024-11233

SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/27 1:50 p.m.35 views

CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...

0.00217EPSS
Exploits0References3
Amazon
Amazon
added 2024/12/19 12:0 a.m.4 views

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

4.3CVSS7.1AI score0.00355EPSS
Exploits0
Amazon
Amazon
added 2024/12/12 12:0 a.m.5 views

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

4.3CVSS7.2AI score0.00355EPSS
Exploits0
Amazon
Amazon
added 2024/12/12 12:0 a.m.10 views

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

4.3CVSS7.3AI score0.00355EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.15 views

Amazon Linux 2023 : opensc (ALAS2023-2024-775)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-775 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially...

4.3CVSS6AI score0.00355EPSS
Exploits0References16
Ubuntu
Ubuntu
added 2024/11/27 5:25 p.m.243 views

USN-7131-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service...

4.7CVSS6.5AI score0.00291EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.6 views

The vulnerabilities of the ctl_write_buffer() and ctl_read_buffer() functions in the ctl subsystem of the FreeBSD operating system allow a hacker to execute arbitrary code.

The vulnerability of the ctlwritebuffer and ctlreadbuffer functions in the ctl subsystem of the FreeBSD operating system is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

9.3CVSS5.8AI score0.00601EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/20 12:0 a.m.51 views

CVE-2024-48984

CVE-2024-48984 affects MBed OS 6.16.0. The issue lies in HCI report parsing: the code dynamically determines the length of a reports list from an input byte and uses that to locate subsequent reports. It does not verify that these addresses stay within the target buffer passed to hciEvtProcessLeE...

9.8CVSS7.3AI score0.00534EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/11/19 5:19 p.m.172 views

CVE-2024-53059

Technical details (affected products, root cause, impact, fixes) for CVE-2024-53059 are not provided in the supplied connected documents. Monitor for updates from upstream advisories.

7.8CVSS6.7AI score0.00282EPSS
Exploits0References11Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.5 views

PT-2024-8773 · Intel +1 · Intel Vpl +1

Name of the Vulnerable Software and Affected Versions: Intel VPL versions prior to 24.1.4 Description: The issue is related to improper buffer restrictions in Intel VPL software, which may allow an authenticated user to potentially enable escalation of privilege via local access. This is due to t...

4.2CVSS7.1AI score0.00187EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.18 views

EulerOS 2.0 SP9 : vim (EulerOS-SA-2024-2823)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack...

5.3CVSS6.3AI score0.00363EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.8 views

The vulnerability of the Console component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows a perpetrator to cause a service failure.

The vulnerability of the Console component of the Oracle WebLogic Server application server software, part of the Oracle Fusion Middleware platform, relates to improper cleaning or release of resources due to copying of buffers without checking the size of the input data. Exploiting this...

7.8CVSS7.6AI score0.00657EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/09/25 4:11 p.m.16 views

SUSE-SU-2024:3443-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. bsc1230076 - CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. bsc1230075 - CVE-2024-45618: Uninitialized values after incorrect or...

4.3CVSS4.9AI score0.00355EPSS
Exploits0References16
OSV
OSV
added 2024/09/03 10:15 p.m.8 views

AZL-48768 CVE-2024-45616 affecting package opensc 0.23.0-5

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

3.9CVSS6.8AI score0.00355EPSS
Exploits0References1
Rows per page
Query Builder