Lucene search
K

13682 matches found

Cvelist
Cvelist
added 2024/11/19 1:30 a.m.38 views

CVE-2024-50301 security/keys: fix slab-out-of-bounds in key_task_permission

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in keytaskpermission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in kuidval include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uideq include/linux/uidgid.h:63...

0.00272EPSS
Exploits0References8
CVE
CVE
added 2024/11/19 1:30 a.m.87 views

CVE-2024-50293

Technical details about CVE-2024-50293 (net/smc dangling sk in __smc_create) are not publicly provided in the supplied documents. Monitor for updates from official advisories.

7.8CVSS6.4AI score0.00213EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/11/19 1:30 a.m.16 views

CVE-2024-50293

In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in smccreate Thanks to commit 4bbd360a5084 "socket: Print pf-create when it does not clear sock-sk on failure.", syzbot found an issue with AFSMC: smccreate must clear sock-sk on failur...

7.8CVSS6.2AI score0.00213EPSS
Exploits0
Cvelist
Cvelist
added 2024/11/19 1:30 a.m.26 views

CVE-2024-50293 net/smc: do not leave a dangling sk pointer in __smc_create()

In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in smccreate Thanks to commit 4bbd360a5084 "socket: Print pf-create when it does not clear sock-sk on failure.", syzbot found an issue with AFSMC: smccreate must clear sock-sk on failur...

0.00213EPSS
Exploits0References2
OSV
OSV
added 2024/11/19 1:30 a.m.19 views

CVE-2024-50293 net/smc: do not leave a dangling sk pointer in __smc_create()

In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in smccreate Thanks to commit 4bbd360a5084 "socket: Print pf-create when it does not clear sock-sk on failure.", syzbot found an issue with AFSMC: smccreate must clear sock-sk on failur...

7.8CVSS6.9AI score0.00213EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/18 8:35 p.m.10 views

CVE-2024-52583 WesHacks code includes links to Leostop tracking spyware infested files

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page schedule.html before 17 November 2024 or commit 93dfb83 contains links to Leostop, a site that hosts a malicious injected JavaScript file that occurs when...

8.2CVSS7AI score0.00201EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/18 8:35 p.m.22 views

CVE-2024-52583 WesHacks code includes links to Leostop tracking spyware infested files

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page schedule.html before 17 November 2024 or commit 93dfb83 contains links to Leostop, a site that hosts a malicious injected JavaScript file that occurs when...

8.2CVSS0.00201EPSS
Exploits0References3
NVD
NVD
added 2024/11/18 2:15 p.m.22 views

CVE-2024-9526

There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI. The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The description field allows html tags, which are not filtered properly. Leading to a stored XSS. We...

7.1CVSS0.00207EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 1:30 p.m.49 views

CVE-2024-9526

CVE-2024-9526 describes a stored XSS in Kubeflow Pipeline View web UI. The vulnerability stems from the description field in the pipeline creation form, which allows HTML tags that are not properly filtered, enabling stored cross-site scripting. Multiple sources (NVD entry, SUSE security advisory...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/18 1:30 p.m.13 views

CVE-2024-9526 Stored XSS in Kubeflow Pipeline View

There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI. The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The description field allows html tags, which are not filtered properly. Leading to a stored XSS. We...

7.1CVSS5.9AI score0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.4 views

PT-2024-35380 · Unknown · Weshacks Github Repository

Name of the Vulnerable Software and Affected Versions: WesHacks GitHub repository versions prior to 17 November 2024 or commit 93dfb83 Description: The issue concerns the presence of links to Leostop, a site potentially hosting malicious injected JavaScript files, in the schedule.html page of the...

8.2CVSS7.2AI score0.00201EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: ext4: regenerate buddy after block freeing failed if under fc replay

A flaw was found in the Linux kernel's ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks...

5.5CVSS6.8AI score0.00278EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: Reapply "drm/qxl: simplify qxl_fence_wait"

In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxlfencewait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunately, the most I ever got o...

5.5CVSS6.8AI score0.00164EPSS
Exploits0References5
CVE
CVE
added 2024/11/11 7:10 p.m.49 views

CVE-2024-52288

LibOSDP (C library with C++, Rust, Python3 bindings) is affected by CVE-2024-52288: under affected versions, an RMAC_I/RMAC_I-like artifact may be injected into an active OSDP stream, allowing a MITM attacker to capture RMAC_I replies and later replay messages, effectively reverting the RMAC to t...

5.1CVSS5.1AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2024/11/11 7:10 p.m.7 views

CVE-2024-52288 RMAC revert to the beginning of the session in libosdp

libosdp is an implementation of IEC 60839-11-5 OSDP Open Supervised Device Protocol and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected REPLYCCRYPT or REPLYRMACI may be introduced into an active stream when they should not be. Once RMACI message can...

5.1CVSS6.6AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/11 1:58 p.m.21 views

CVE-2024-50263 fork: only invoke khugepaged, ksm hooks if no error

In the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in commit d24062914837 "fork: use mtdup to duplicate maple tree in dupmma...

0.00204EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/09 10:14 a.m.22 views

CVE-2024-50229 nilfs2: fix potential deadlock with newly created symlinks

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that pagesymlink, called by nilfssymlink, triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among...

0.00206EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2024/11/09 8:0 a.m.3 views

drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream

...

5.5CVSS6.8AI score0.00248EPSS
Exploits0
OSV
OSV
added 2024/11/09 12:30 a.m.2 views

GHSA-FMQ6-4W57-2W3V wasm3 uncontrolled memory allocation vulnerability

wasm3 at commit 139076a contains a memory leak in the Readutf8 function...

8.4CVSS5.9AI score0.00266EPSS
Exploits1References6
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/09 12:0 a.m.11 views

wasm3 uncontrolled memory allocation vulnerability

wasm3 at commit 139076a contains a memory leak in the Readutf8 function...

8.4CVSS6.8AI score0.00266EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder