
13682 matches found

OSV
added 2024/12/20 1:7 p.m., 4 views

OESA-2024-2573 grpc security update

gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...

7.5 CVSS, 6.8 AI score, 0.00576 EPSS
Exploits: 0, References: 2
SUSE CVE
added 2024/12/20 3:48 a.m., 3 views

SUSE CVE-2024-55949

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This issue has been addressed in commit...

9.3 CVSS, 7.1 AI score, 0.00702 EPSS
Exploits: 0, References: 3
OSV
added 2024/12/19 12:0 p.m., 5 views

RUSTSEC-2024-0424 Unsound usages of `core::slice::from_raw_parts_mut`

The library breaks the safety assumptions when using unsafe API slice::from_raw_parts_mut. The pointer passed to from_raw_parts_mut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using align_offset, which could make sure the memory address is aligned to ...

7.2 AI score
Exploits: 0, References: 4
UbuntuCve
added 2024/12/18 12:0 a.m., 5 views

CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4 CVSS, 7 AI score, 0.00551 EPSS
Exploits: 0, References: 2
NVD
added 2024/12/12 12:15 p.m., 15 views

CVE-2024-8233

An issue has been discovered in GitLab CE/EE affecting all versions from 9.4 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could cause a denial of service with requests for diff files on a commit or merge request...

7.5 CVSS, 0.0075 EPSS
Exploits: 1, References: 2
CVE
added 2024/12/12 12:2 p.m., 339 views

CVE-2024-8233

CVE-2024-8233 affects GitLab CE/EE: all versions from 9.4 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. The issue allows an attacker to cause a denial of service by sending requests for diff files on a commit or merge request. Root cause details are not fully enumerated in the provid...

7.5 CVSS, 7.3 AI score, 0.0075 EPSS
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2024/12/12 2:15 a.m., 22 views

CVE-2024-55652

PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the...

6.5 CVSS, 0.00663 EPSS
Exploits: 0, References: 3
CNNVD
added 2024/12/12 12:0 a.m., 6 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab that stems from requesting a diff fi...

7.5 CVSS, 6.6 AI score, 0.0075 EPSS
Exploits: 1, References: 2
UbuntuCve
added 2024/12/12 12:0 a.m., 20 views

CVE-2024-47602

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. This function does not properly check the validity of the stream->codec_priv pointer in th...

7.5 CVSS, 6.5 AI score, 0.00897 EPSS
Exploits: 0, References: 4
OSV
added 2024/12/11 7:18 a.m., 12 views

BIT-SUBVERSION-2024-46901 Apache Subversion: mod_dav_svn denial-of-service via control characters in paths

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 3.8 AI score, 0.01905 EPSS
Exploits: 1, References: 3
EUVD
added 2024/12/09 12:31 p.m., 3 views

EUVD-2024-42181

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 6.6 AI score, 0.01905 EPSS
Exploits: 1, References: 3
NVD
added 2024/12/09 10:15 a.m., 17 views

CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 0.01905 EPSS
Exploits: 1, References: 2
OSV
added 2024/12/09 10:15 a.m., 1 views

DEBIAN-CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 5.1 AI score, 0.01905 EPSS
Exploits: 1, References: 1
AlpineLinux
added 2024/12/09 9:36 a.m., 7 views

CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 6.7 AI score, 0.01905 EPSS
Exploits: 1
CVE
added 2024/12/09 9:36 a.m., 120 views

CVE-2024-46901

CVE-2024-46901 affects Apache Subversion when serving repositories via mod_dav_svn. It arises from insufficient validation of filenames against control characters, allowing authenticated users with commit access to commit a corrupted revision and disrupt repository usage. All Subversion versions ...

4.3 CVSS, 3.9 AI score, 0.01905 EPSS
Exploits: 1, References: 2, Affected Software: 1
Debian CVE
added 2024/12/09 9:36 a.m., 8 views

CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including...

4.3 CVSS, 5.1 AI score, 0.01905 EPSS
Exploits: 1
RedhatCVE
added 2024/12/05 5:13 a.m., 20 views

CVE-2024-53127

In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" increased the max_req_size, even for 4K pages, causing various issues: - Panic...

5.5 CVSS, 7.6 AI score, 0.00223 EPSS
Exploits: 0, References: 4
NVD
added 2024/12/04 3:15 p.m., 41 views

CVE-2024-53127

In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" increased the max_req_size, even for 4K pages, causing various issues: - Panic...

5.5 CVSS, 0.00223 EPSS
Exploits: 0, References: 10
OSV
added 2024/12/04 3:15 p.m., 8 views

AZL-54120 CVE-2024-53127 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" increased the max_req_size, even for 4K pages, causing various issues: - Panic...

5.5 CVSS, 7 AI score, 0.00223 EPSS
Exploits: 0, References: 1
CVE
added 2024/12/04 2:20 p.m., 180 views

CVE-2024-53127

CVE-2024-53127 involves the Linux kernel where the fix was to revert the change that raised max_req_size for IDMAC operations with pages bigger than 4K. Affected behavior includes panics booting kernel/rootfs from SD on Rockchip RK3566 and StarFive JH7100, and swiotlb buffer/full data corruption ...

5.5 CVSS, 7.2 AI score, 0.00223 EPSS
Exploits: 0, References: 10, Affected Software: 1