2567 matches found

Kitploit
added 2024/06/25 12:30 p.m. | 85 views

CloudBrute - Awesome Cloud Enumerator

A tool to find a company target infrastructure, files, and apps on the top cloud providers Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode. The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available here. Motivation ...

7.2 AI score
Exploits 0 | References 4

SUSE CVE
added 2024/06/22 4:9 a.m. | 4 views

SUSE CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7 CVSS | 7.5 AI score | 0.00238 EPSS
Exploits 0 | References 11

OSV
added 2024/06/21 11:15 a.m. | 10 views

AZL-48962 CVE-2024-36478 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...

5.5 CVSS | 6.8 AI score | 0.00269 EPSS
Exploits 0 | References 1

OSV
added 2024/06/21 11:15 a.m. | 1 views

UBUNTU-CVE-2024-36478

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...

5.5 CVSS | 6.1 AI score | 0.00269 EPSS
Exploits 0 | References 12

Cvelist
added 2024/06/21 10:18 a.m. | 21 views

CVE-2024-36478 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...

0.00269 EPSS
Exploits 0 | References 4

Vulnrichment
added 2024/06/21 10:18 a.m. | 10 views

CVE-2024-36478 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...

6.6 AI score | 0.00269 EPSS
Exploits 0 | References 4

CVE
added 2024/06/21 10:18 a.m. | 117 views

CVE-2024-36478

CVE-2024-36478 affects the Linux kernel null_blk driver. The issue is a NULL pointer dereference that occurs when power and submit_queues are configured concurrently, leading to a kernel panic via a race between del_gendisk and NR HW queue updates. The fixes consolidate protection by reusing a gl...

5.5 CVSS | 6.4 AI score | 0.00269 EPSS
Exploits 0 | References 5 | Affected Software 1

Veracode
added 2024/06/21 6:40 a.m. | 22 views

Denial Of Service (DoS)

io.undertow: undertow-core is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper handling of URL-encoded request paths for concurrent requests on the ajp-listener, which can cause the wrong path to be processed, potentially leading to Denial Of Service (DoS)...

7.5 CVSS | 6.7 AI score | 0.01702 EPSS
Exploits 0 | References 9 | Affected Software 1

SUSE CVE
added 2024/06/21 3:6 a.m. | 2 views

SUSE CVE-2024-38545

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xa_lock to protect the CQ...

4.4 CVSS | 6.3 AI score | 0.00252 EPSS
Exploits 0 | References 20

OSV
added 2024/06/20 3:15 p.m. | 2 views

DEBIAN-CVE-2024-6162

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

7.5 CVSS | 7.1 AI score | 0.01702 EPSS
Exploits 0 | References 1

OSV
added 2024/06/20 3:15 p.m. | 1 views

UBUNTU-CVE-2024-6162

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

7.5 CVSS | 7 AI score | 0.01702 EPSS
Exploits 0 | References 3

Debian CVE
added 2024/06/20 2:33 p.m. | 16 views

CVE-2024-6162

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

7.5 CVSS | 7 AI score | 0.01702 EPSS
Exploits 0

NVD
added 2024/06/20 12:15 p.m. | 20 views

CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7.8 CVSS | 0.00238 EPSS
Exploits 0 | References 4

OSV
added 2024/06/20 12:15 p.m. | 2 views

UBUNTU-CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7.8 CVSS | 5.8 AI score | 0.00238 EPSS
Exploits 0 | References 7

Vulnrichment
added 2024/06/20 11:13 a.m. | 13 views

CVE-2022-48726 RDMA/ucma: Protect mc during concurrent multicast leaves

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

6.8 AI score | 0.00238 EPSS
Exploits 0 | References 4

CVE
added 2024/06/20 11:13 a.m. | 74 views

CVE-2022-48726

CVE-2022-48726 affects the Linux kernel’s RDMA/ucma code path, specifically a use-after-free in ucma_cleanup_multicast and related flows (ucma_destroy_private_ctx, ucma_write) caused by touching a concurrently freed multicast structure during a multicast leaves operation. The description notes th...

7.8 CVSS | 8.4 AI score | 0.00238 EPSS
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2024/06/20 11:13 a.m. | 24 views

CVE-2022-48726 RDMA/ucma: Protect mc during concurrent multicast leaves

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

0.00238 EPSS
Exploits 0 | References 4

OSV
added 2024/06/20 11:13 a.m. | 17 views

CVE-2022-48726 RDMA/ucma: Protect mc during concurrent multicast leaves

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...

7.8 CVSS | 5.8 AI score | 0.00238 EPSS
Exploits 0 | References 7

UbuntuCve
added 2024/06/20 12:0 a.m. | 23 views

CVE-2024-6162

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

7.5 CVSS | 6.9 AI score | 0.01702 EPSS
Exploits 0 | References 2

CVE
added 2024/06/19 2:53 p.m. | 94 views

CVE-2021-47587

CVE-2021-47587 concerns Linux kernel net: systemport descriptor lifecycle. The vulnerability arises from a shared descriptor list across multiple TX queues where the existing per-queue locking fails to serialize writes to WRITE_PORT_{HI,LO}, allowing concurrent producers to corrupt descriptors. C...

5.5 CVSS | 7.2 AI score | 0.00182 EPSS
Exploits 0 | References 8 | Affected Software 1