Lucene search
K

170 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:3 p.m.10 views

CVE-2018-11271

Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607,...

9.8CVSS7.4AI score0.00807EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:27 a.m.6 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5CVSS6.9AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.3 views

CVE-2019-15714

cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations...

5.3CVSS7.1AI score0.01819EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: scsi: ufs: core: Fix handling of lrbp->cmd

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

7.8CVSS6.7AI score0.00144EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/08 10:10 a.m.18 views

CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver...

7.8CVSS7.3AI score0.00094EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/06 9:15 a.m.3 views

CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver...

7.8CVSS5.8AI score0.00094EPSS
Exploits0References2
NVD
NVD
added 2025/05/06 9:15 a.m.27 views

CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver...

7.8CVSS0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/06 8:32 a.m.9 views

CVE-2024-45568 Buffer Over-read in Camera Driver

Memory corruption due to improper bounds check while command handling in camera-kernel driver...

6.7CVSS7.2AI score0.00094EPSS
Exploits0References1
CVE
CVE
added 2025/05/06 8:32 a.m.54 views

CVE-2024-45568

CVE-2024-45568 affects Qualcomm camera-kernel drivers. Root cause: improper bounds checking during command handling leading to memory corruption. Documented impact includes high confidentiality, integrity, and availability risks; local attack vector with low complexity (Privileges: LOW) and no us...

7.8CVSS6.8AI score0.00094EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.9 views

Mydata Ticket Sales Automation SQL注入漏洞

Mydata Ticket Sales Automation is a ticket sales automation system from Mydata. A SQL injection vulnerability exists in Mydata Ticket Sales Automation versions prior to 03.04.2025, which stems from improperly neutralized SQL commands and could lead to blind SQL injection...

9.8CVSS7.8AI score0.00407EPSS
Exploits0References2
OSV
OSV
added 2025/04/16 8:15 p.m.11 views

CVE-2025-3723

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component MDTM Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

9.8CVSS6.1AI score0.00658EPSS
Exploits1References4
NVD
NVD
added 2025/04/01 4:15 p.m.10 views

CVE-2025-21969

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

7.8CVSS0.0018EPSS
Exploits0References4
CVE
CVE
added 2025/03/11 1:40 p.m.52 views

CVE-2025-22367

The CVE-2025-22367 affects Mennekes Smart/Premium Chargingpoints firmware. The issue arises from theAuthenticated time setting capability, where OS commands are not properly neutralized when certain fields reach the underlying OS, enabling potential command execution. Documented in Multiple sourc...

8.7CVSS6.7AI score0.00559EPSS
Exploits0References3
OSV
OSV
added 2025/03/06 3:53 p.m.14 views

CVE-2024-58055 usb: gadget: f_tcm: Don't free command immediately

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ftcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command...

7.8CVSS7.1AI score0.00223EPSS
Exploits0References13
CVE
CVE
added 2025/03/06 3:53 p.m.160 views

CVE-2024-58055

Mode C: The connected Astra Linux bulletin corroborates the CVE-2024-58055 issue in the Linux kernel USB gadget f_tcm: the bug is a double-free caused by freeing the command before the sense/status completion. The fix is a kernel patch that prevents premature command free; the advisory notes the ...

7.8CVSS7.4AI score0.00223EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2025/03/04 2:26 a.m.9 views

Arbitrary IRC Command Execution

matrix-appservice-irc is vulnerable to arbitrary IRC command execution. The vulnerability is due to improper command handling, which allows an attacker to inject and execute arbitrary IRC commands as their own puppeted user...

4.3CVSS8AI score0.00354EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.6 views

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a transient denial of service when processing UCI commands...

5.5CVSS6.7AI score0.00096EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/02/27 2:7 a.m.7 views

CVE-2024-57992

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: unregister wiphy only if it has been registered There is a specific error path in probe functions in wilc drivers both sdio and spi which can lead to kernel panic, as this one for example when using SPI: Unable to...

5.5CVSS5.5AI score0.00163EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/02/26 2:10 a.m.12 views

CVE-2022-49335

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...

5.5CVSS5.7AI score0.00262EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 10:22 p.m.10 views

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMIREQUESTSTATSCMDID command...

8.4CVSS7.2AI score0.00116EPSS
Exploits0References1
Rows per page
Query Builder