
2566 matches found

OSV
added 2024/04/12 11:07 a.m. · 8 views

OESA-2024-1407 cri-o security update

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. CVE-2022-41723 A...

CVSS 7.5 · AI score 6.7 · EPSS 0.93305
Exploits 4 · References 4

OSV
added 2024/04/12 11:07 a.m. · 4 views

OESA-2024-1408 cri-o security update

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. Security Fixes: A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the...

CVSS 7.5 · AI score 6.8 · EPSS 0.93305
Exploits 4 · References 3

OSV
added 2024/04/12 11:07 a.m. · 10 views

OESA-2024-1386 ignition security update

Ignition is a utility used to manipulate systems during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth remote URL, network...

CVSS 7.5 · AI score 8.2 · EPSS 0.03796
Exploits 0 · References 2

OSV
added 2024/04/12 11:07 a.m. · 3 views

OESA-2024-1385 ignition security update

Ignition is a utility used to manipulate systems during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth remote URL, network...

CVSS 7.5 · AI score 8.2 · EPSS 0.03796
Exploits 0 · References 2

GithubExploit
added 2024/04/12 7:36 a.m. · 664 views

Exploit for CVE-2023-45288

PoC for CVE-2023-45288 This is a proof-of-concept code for th...

CVSS 7.5 · AI score 7.3 · EPSS 0.91969
Exploits 1

GithubExploit
added 2024/04/10 12:27 a.m. · 328 views

Exploit for Command Injection in Dlink Dns-320L_Firmware

D-Link NAS Command Execution Exploit This Python script explo...

CVSS 9.8 · AI score 7.9 · EPSS 0.99997
Exploits 8

SUSE CVE
added 2024/04/06 1:59 a.m. · 3 views

SUSE CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

CVSS 5.5 · AI score 6.7 · EPSS 0.00828
Exploits 0 · References 8

Vulnrichment
added 2024/04/04 8:20 a.m. · 16 views

CVE-2024-26785 iommufd: Fix protection fault in iommufd_test_syz_conv_iova

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault, probably for non-canonical address 0xdffffc0000000038: 0000 [#1] SMP KASAN KASAN: null-ptr-deref in range...

AI score 6.8 · EPSS 0.00227
Exploits 0 · References 3

OSV
added 2024/04/03 5:15 p.m. · 1 view

DEBIAN-CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

CVSS 5.3 · AI score 5.8 · EPSS 0.00828
Exploits 0 · References 1

OSV
added 2024/04/03 5:15 p.m. · 3 views

UBUNTU-CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

CVSS 5.3 · AI score 5.7 · EPSS 0.00828
Exploits 0 · References 7

OSV
added 2024/04/03 3:15 p.m. · 4 views

UBUNTU-CVE-2024-26685

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write, which handles the completion of block device writes, may detect abnormal condition of the buffer async_write flag and cause a BUGO...

CVSS 5.5 · AI score 6.2 · EPSS 0.0025
Exploits 0 · References 29

OSV
added 2024/04/03 1:16 p.m. · 1 view

CVE-2023-52296

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547...

CVSS 5.3 · AI score 5.8 · EPSS 0.00625
Exploits 0 · References 3

Positive Technologies
added 2024/04/03 12:00 a.m. · 4 views

PT-2024-14508 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server version 11.5 Description: The issue is related to a denial of service condition that can occur when querying a specific UDF built-in function concurrently. Recommendations: For I...

CVSS 5.3 · AI score 9.4 · EPSS 0.00625
Exploits 0 · References 7

CNNVD
added 2024/04/03 12:00 a.m. · 4 views

IBM Db2 Input Validation Error Vulnerability

IBM Db2 is a relational database management system from International Business Machines (IBM). The system runs on UNIX, Linux, IBM i, z/OS, and Windows server versions. IBM DB2 suffers from an input validation error vulnerability that stems from the susceptibility to denial-of-service attacks wh...

CVSS 5.3 · AI score 8.9 · EPSS 0.00625
Exploits 0 · References 4

RedHat Linux
added 2024/04/02 5:26 p.m. · 5 views

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...

CVSS 7 · AI score 6.9 · EPSS 0.00767
Exploits 0 · References 6

RedHat Linux
added 2024/04/02 4:04 p.m. · 1 view

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...

CVSS 7 · AI score 6.9 · EPSS 0.00767
Exploits 0 · References 6

OSV
added 2024/03/26 10:33 p.m. · 4 views

CLSA-2024-1711492417 Fix CVE(s): CVE-2024-0985

SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985...

CVSS 8 · AI score 6 · EPSS 0.01465
Exploits 0 · References 1

OSV
added 2024/03/22 6:44 p.m. · 19 views

GO-2024-2654 Denial of service in github.com/argoproj/argo-cd/v2

Application may crash due to concurrent writes, leading to a denial of service. An attacker can crash the application continuously, making it impossible for legitimate users to access the service. Authentication is not required in the attack...

CVSS 7.5 · AI score 6.1 · EPSS 0.01176
Exploits 1 · References 4

RedHat Linux
added 2024/03/19 6:09 p.m. · 3 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

CVSS 8 · AI score 7.5 · EPSS 0.01465
Exploits 0 · References 4

CNVD
added 2024/03/19 12:00 a.m. · 3 views

AMD CPU Race Condition Vulnerability

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from a race condition vulnerability that arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during operation of a networked system or product. An attacker...

CVSS 5.7 · AI score 7.2 · EPSS 0.01231
Exploits 0 · References 1