Lucene search
+L

266 matches found

RedhatCVE
RedhatCVE
added 2024/06/03 9:2 a.m.19 views

CVE-2024-36028

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio When I did memory failure tests recently, below warning occurs: DEBUGLOCKSWARNON1 WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 lockacquire+0xccb/0x1ca0...

4.7CVSS6.5AI score0.00181EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/30 3:19 p.m.24 views

CVE-2024-36028 mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio()

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio When I did memory failure tests recently, below warning occurs: DEBUGLOCKSWARNON1 WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 lockacquire+0xccb/0x1ca0...

6.4AI score0.00181EPSS
Exploits0References4
NVD
NVD
added 2024/05/19 9:15 a.m.16 views

CVE-2024-35894

In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at net/mptcp/subflow.c:1430 subflowdataready+0x147/0x1c0 Modules linked in: dummy bpftestmodO last unloaded...

7.8CVSS6.5AI score0.0022EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/19 8:34 a.m.26 views

CVE-2024-35894 mptcp: prevent BPF accessing lowat from a subflow socket.

In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at net/mptcp/subflow.c:1430 subflowdataready+0x147/0x1c0 Modules linked in: dummy bpftestmodO last unloaded...

6.4AI score0.0022EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/05/17 12:7 p.m.330 views

Exploit for OS Command Injection in Fortinet Fortisiem

CVE-2023-34992: Fortinet FortiSIEM Unauthenticated Command Inj...

9.8CVSS10AI score0.65509EPSS
Exploits1
Wiz blog
Wiz blog
added 2024/05/14 3:30 p.m.85 views

Unveiling the power of Wiz's Security Graph with automated blast radius and root cause analysis for cloud incident response

Wiz assists Incident Response IR and SOC teams with containment through automated assessment of security incidents by identifying possible root causes and calculating the potential blast radius of compromised resources...

7.4AI score
Exploits0
NVD
NVD
added 2024/05/07 7:15 a.m.16 views

CVE-2024-23808

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/07 6:26 a.m.14 views

CVE-2024-23808 Arkcompiler ets frontend has an out-of-bounds read vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference...

5.2CVSS7.9AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2024/05/07 6:26 a.m.68 views

CVE-2024-23808

CVE-2024-23808 affects OpenHarmony up to v4.0.0 and earlier. The vulnerability allows a local attacker to execute arbitrary code in pre-installed apps via a use-after-free condition, or cause denial of service through a NULL pointer dereference. The available sources consistently describe the imp...

7.8CVSS7.6AI score0.00191EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2024/05/01 6:15 a.m.45 views

CVE-2024-26932

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix double-free issue in tcpmportunregisterpd When unregister pd capabilitie in tcpm, KASAN will capture below double -free issue. The root cause is the same capabilitiy will be kfreed twice, the first time is...

7.8CVSS6.3AI score0.00216EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2024/05/01 5:35 a.m.24 views

CVE-2024-27022

In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING 1. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole immaplockwritemapping;...

7.8CVSS7.5AI score0.0027EPSS
Exploits0
Cvelist
Cvelist
added 2024/05/01 5:17 a.m.32 views

CVE-2024-26932 usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix double-free issue in tcpmportunregisterpd When unregister pd capabilitie in tcpm, KASAN will capture below double -free issue. The root cause is the same capabilitiy will be kfreed twice, the first time is...

7.7AI score0.00216EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/01 5:17 a.m.19 views

CVE-2024-26932 usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix double-free issue in tcpmportunregisterpd When unregister pd capabilitie in tcpm, KASAN will capture below double -free issue. The root cause is the same capabilitiy will be kfreed twice, the first time is...

6.7AI score0.00216EPSS
Exploits0References2
NVD
NVD
added 2024/04/03 5:15 p.m.16 views

CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

5.5CVSS6.5AI score0.00209EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/03 5:0 p.m.17 views

CVE-2024-26757 md: Don't ignore read-only array in md_check_recovery()

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

6.9AI score0.00209EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/03/01 11:8 a.m.25 views

4 Instructive Postmortems on Data Downtime and Loss

More than a decade ago, the concept of the 'blameless' postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: "One...

6.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/02/28 3:40 a.m.4 views

SUSE CVE-2024-26604

In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be found...

5.5CVSS6.5AI score0.00274EPSS
Exploits0References3
OSV
OSV
added 2024/02/26 4:28 p.m.5 views

UBUNTU-CVE-2024-26604

In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be found...

5.5CVSS5.7AI score0.00274EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/24 2:56 p.m.29 views

CVE-2024-26604 Revert "kobject: Remove redundant checks for whether ktype is NULL"

In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be found...

5.8AI score0.00274EPSS
Exploits0References3
Prion
Prion
added 2024/02/08 9:15 a.m.20 views

Cross site request forgery (csrf)

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...

5CVSS7.4AI score0.01637EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder