Lucene search
K

6047 matches found

CNNVD
CNNVD
added 2025/01/09 12:0 a.m.2 views

E-Commerce-PHP 代码注入漏洞

E-Commerce-PHP is an e-commerce application using native PHP by the individual developer Kurnia Ramadhan Putra. A code injection vulnerability exists in E-Commerce-PHP version 1.0, which stems from the parameter Name in the file /admin/createproduct.php can lead to cross-site scripting attacks...

5.4CVSS4.3AI score0.00526EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/01/08 12:20 a.m.1 views

SUSE CVE-2024-56600

In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...

7.8CVSS6.4AI score0.00236EPSS
Exploits0References50
SUSE CVE
SUSE CVE
added 2025/01/08 12:20 a.m.2 views

SUSE CVE-2024-56601

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

7.8CVSS7.7AI score0.00236EPSS
Exploits0References80
CNNVD
CNNVD
added 2025/01/06 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the rawnand submodule of the mtd module, where the allocation of the "user" pointer in the...

7.8CVSS6.3AI score0.00217EPSS
Exploits0References4
OSV
OSV
added 2025/01/05 12:17 a.m.6 views

OSV-2025-4 Heap-buffer-overflow in ___interceptor_pthread_create

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386713390 Crash type: Heap-buffer-overflow READ 8 Crash state: interceptorpthreadcreate...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/01/02 12:13 p.m.4 views

MAL-2025-9 Malicious code in create-shopify-web-app (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 060088163bdd31721ea28bf31315bd2e50c4dd13215f62116756f66a3b69af83 Any computer that has this package install...

7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-52665

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc1-next Description The Linux kernel contains an issue within the jbd2 journaling system. A bug can occur in the jbd2 journal get create access function when the file system is corrupted. Specifically, th...

6.6AI score0.0018EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-30870

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ipmi create user function within the IPMI message handler. An invalid pointer in the "intf" list iterator can occur if the correct "intf-intf num"...

7.8CVSS7.1AI score0.00155EPSS
Exploits0
OSV
OSV
added 2024/12/29 12:15 p.m.2 views

DEBIAN-CVE-2024-56755

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...

5.5CVSS5.6AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 12:15 p.m.0 views

UBUNTU-CVE-2024-56755

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...

5.5CVSS6.4AI score0.00203EPSS
Exploits0References20
CNNVD
CNNVD
added 2024/12/29 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inetcreate in the net:inet module not clearing the dangling sk pointer, which could lead to reuse after...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References5
Snyk
Snyk
added 2024/12/28 12:30 a.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the /admin/articles/create endpoint due to improper user input sanitization. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an...

4.8CVSS5.3AI score0.00315EPSS
Exploits1References2
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

DEBIAN-CVE-2024-56606

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

7.8CVSS5.7AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.9 views

AZL-55242 CVE-2024-56606 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

7.8CVSS6.4AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.5 views

AZL-55187 CVE-2024-56606 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the so...

7.8CVSS6.7AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.0 views

DEBIAN-CVE-2024-56601

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

7.8CVSS5.7AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.7 views

AZL-55539 CVE-2024-56601 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

7.8CVSS6.3AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.9 views

AZL-55576 CVE-2024-56600 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...

7.8CVSS6.3AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.6 views

AZL-55491 CVE-2024-56600 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...

7.8CVSS6.3AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.4 views

UBUNTU-CVE-2024-56601

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains the dangling...

7.8CVSS6.2AI score0.00236EPSS
Exploits0References46
Rows per page
Query Builder