Lucene search
+L

21 matches found

mscve
mscve
added 2026/04/26 8:3 a.m.6 views

mmc: vub300: fix NULL-deref on disconnect

...

5.5CVSS5.8AI score0.00117EPSS
Exploits0
osv
osv
added 2026/02/12 11:26 a.m.11 views

SUSE-SU-2026:0473-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...

7.8CVSS7.1AI score0.00519EPSS
Exploits5References299
ptsecurity
ptsecurity
added 2025/12/30 12:0 a.m.11 views

PT-2025-53964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s mmc subsystem, specifically within the via-sdmmc driver. The mmc add host function may return an error, and failure to check this return value can lea...

7.8CVSS7.1AI score0.00462EPSS
Exploits2References912
nessus
nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988720 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails,...

5.5CVSS5.9AI score0.00251EPSS
Exploits0References4
debiancve
debiancve
added 2025/09/19 3:26 p.m.5 views

CVE-2025-39846

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in iodynfindioregion In iodynfindioregion, pcmciamakeresource is assigned to res and used in pcibusallocresource. There is a dereference of res in pcibusallocresource, which could lead to a...

5.5CVSS5.3AI score0.00149EPSS
Exploits0
ptsecurity
ptsecurity
added 2025/09/17 12:0 a.m.3 views

PT-2025-38163

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The mmc add host function may return an error, and failing to check this return value can lead to a memory leak. This memory leak occurs because memory allocated in mmc alloc host is n...

6.1AI score0.00185EPSS
Exploits0References10
osv
osv
added 2025/09/15 2:15 p.m.7 views

UBUNTU-CVE-2022-50251

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

5.5CVSS5.8AI score0.00149EPSS
Exploits0References12
openvas
openvas
added 2024/06/18 12:0 a.m.9 views

VMware Workstation Out-of-bounds read Vulnerability (VMSA-2024-0005) - Windows

VMware Workstation is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS5.6AI score0.00226EPSS
Exploits0References1
openvas
openvas
added 2024/06/18 12:0 a.m.12 views

VMware Fusion Out-of-bounds read Vulnerability (VMSA-2024-0005) - Mac OS X

VMware Fusion is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:fusion";...

5.9CVSS5.6AI score0.00226EPSS
Exploits0References1
osv
osv
added 2024/03/13 5:15 p.m.2 views

CVE-2024-20327

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

7.4CVSS5.8AI score0.00336EPSS
Exploits0References1
osv
osv
added 2024/02/29 1:44 a.m.0 views

CVE-2024-22251

VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID chip card interface device. A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure...

4.4CVSS5.8AI score0.00226EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/02/29 12:0 a.m.6 views

VMware Workstation Security Vulnerability

VMware Workstation is a set of virtual machine software from VMware. The software provides the ability to run multiple virtual machines with different operating systems at the same time. A security vulnerability exists in VMware Workstation and Fusion, which was discovered to contain an...

5.9CVSS7AI score0.00226EPSS
Exploits0References3
veracode
veracode
added 2019/01/15 8:57 a.m.15 views

Arbitrary Code Execution

ccid is vulnerable to arbitrary code execution attacks. The vulnerability exists as a signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to...

4.4CVSS7.2AI score0.00542EPSS
Exploits0References18Affected Software1
redhat
redhat
added 2017/08/01 2:3 p.m.4 views

Qemu: usb: integer overflow in emulated_apdu_from_guest

An integer overflow flaw was found in Quick Emulator QEMU in the CCID Card device support. The flaw could occur while passing messages via command/response packets to and from the host. A privileged user inside a guest could use this flaw to crash the QEMU process...

5.5CVSS7.4AI score0.004EPSS
Exploits0References4
gentoo
gentoo
added 2014/01/21 12:0 a.m.25 views

CCID: Arbitrary code execution

Background CCID is a generic USB Chip/Smart Card Interface Devices driver. Description CCID contains an integer overflow vulnerability in ccidserial.c. Impact A physically proximate attacker could execute arbitrary code via a smart card with a specially crafted serial number. Workaround There is ...

4.4CVSS7.2AI score0.00542EPSS
Exploits0
redhat
redhat
added 2013/09/30 8:30 p.m.5 views

CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

4.4CVSS6.5AI score0.00542EPSS
Exploits0References4
openvas
openvas
added 2013/03/12 12:0 a.m.16 views

CentOS Update for ccid CESA-2013:0523 centos6

Check for the Version of ccid OpenVAS Vulnerability Test CentOS Update for ccid CESA-2013:0523 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.4CVSS6.3AI score0.00542EPSS
Exploits0References2
openvas
openvas
added 2012/07/09 12:0 a.m.29 views

RedHat Update for qemu-kvm RHSA-2011:1777-01

Check for the Version of qemu-kvm OpenVAS Vulnerability Test RedHat Update for qemu-kvm RHSA-2011:1777-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS6.4AI score0.02258EPSS
Exploits0References2
securityvulns
securityvulns
added 2011/01/24 12:0 a.m.71 views

[ MDVSA-2011:014 ] ccid

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:014 http://www.mandriva.com/security/ Package : ccid Date : January 20, 2011 Affected: Corporate 4.0 Problem Description: A vulnerability has been found and corrected in ccid: Signedness error in ccidserial....

4.4CVSS7.2AI score0.00542EPSS
Exploits0
debiancve
debiancve
added 2011/01/18 5:0 p.m.18 views

CVE-2010-4530

Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...

4.4CVSS7.3AI score0.00542EPSS
Exploits0
Rows per page
Query Builder