Lucene search
K

6046 matches found

OSV
OSV
added 2024/11/09 11:15 a.m.6 views

AZL-53007 CVE-2024-50243 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...

5.5CVSS6.8AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/11/09 11:15 a.m.6 views

AZL-53100 CVE-2024-50243 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...

5.5CVSS6.8AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/11/09 11:15 a.m.1 views

DEBIAN-CVE-2024-50243

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...

5.5CVSS5.7AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/11/09 11:15 a.m.6 views

UBUNTU-CVE-2024-50243

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix general protection fault in runismappedfull Fixed deleating of a non-resident attribute in ntfscreateinode rollback...

5.5CVSS6.6AI score0.00218EPSS
Exploits0References18
Microsoft CVE
Microsoft CVE
added 2024/11/09 8:0 a.m.7 views

ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()

...

6.7AI score
Exploits0
NVD
NVD
added 2024/11/08 6:15 a.m.18 views

CVE-2024-50186

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

7.8CVSS0.00231EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/11/08 5:38 a.m.1 views

CVE-2024-50186 net: explicitly clear the sk pointer, when pf->create fails

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

7.6AI score0.00231EPSS
Exploits0References5
CVE
CVE
added 2024/11/08 5:38 a.m.163 views

CVE-2024-50186

CVE-2024-50186 : Linux kernel vulnerability in net: explicitly clear the sk pointer when pf->create fails. Root cause: some pf->create implementations do not NULL the freed sk object in error paths, leaving a dangling pointer and enabling Use-After-Free. Fix: explicitly NULL the sk pointer ...

7.8CVSS6.4AI score0.00231EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/11/08 5:38 a.m.17 views

CVE-2024-50186 net: explicitly clear the sk pointer, when pf->create fails

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

7.8CVSS6.1AI score0.00231EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.4 views

The vulnerability of the `ff_v4l2_m2m_create_context` function in the `v4l2_m2m.c` component of the FFmpeg multimedia library occurs due to improper memory release before deleting the last reference. This allows a malicious actor to trigger a service failure.

The vulnerability of the ffv4l2m2mcreatecontext function in the v4l2m2m.c component of the FFmpeg multimedia library is related to improper memory release before deleting the last pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS6.6AI score0.01002EPSS
Exploits1References8Affected Software3
CNNVD
CNNVD
added 2024/11/07 12:0 a.m.5 views

Devtron SQL注入漏洞

Devtron is a Kubernetes cloud-native tool integration platform open-sourced by Devtron. A SQL injection vulnerability exists in Devtron prior to version 0.7.2, which stems from an authenticated user being able to execute malicious SQL queries via the CreateUser interface...

8.8CVSS7.6AI score0.00748EPSS
Exploits1References1
OSV
OSV
added 2024/11/06 6:31 p.m.11 views

GHSA-HV6M-QJ65-26Q3 UnoPim Cross-site Scripting vulnerability

UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies...

6.1CVSS5.1AI score0.0037EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/11/06 6:31 p.m.16 views

UnoPim Cross-site Scripting vulnerability

UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies...

5.4CVSS5.3AI score0.0037EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/11/06 5:15 p.m.4 views

CVE-2024-50637

UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting XSS in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies...

5.4CVSS5.3AI score
Exploits0References3
Snyk
Snyk
added 2024/11/06 12:41 p.m.4 views

Open Redirect

Overview symfony/http-foundation is a component defines an object-oriented layer for the HTTP specification. Affected versions of this package are vulnerable to Open Redirect in the Request::create function, which improperly handles special characters in a URI. Remediation Upgrade...

6.9CVSS6.9AI score0.00565EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/11/06 3:56 a.m.4 views

SUSE CVE-2024-39721

An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely even after the HTTP request is aborted...

7.5CVSS6.9AI score0.02683EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.4 views

UnoPim 安全漏洞

UnoPim is an open source Product Information Management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim 0.1.3 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the Create User function that allows an...

5.4CVSS5.2AI score0.0037EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.4 views

The vulnerability of the xe_device_create() function in the Intel Xe kernel driver for Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the xedevicecreate function in the drivers/gpu/drm/xe/xedevice.c file of the Intel Xe driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS7.2AI score0.00245EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.4 views

The vulnerability of the ltdc_plane_create() function in the Linux operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ltdcplanecreate function in the drivers/gpu/drm/stm/ltdc.c file of the Linux kernel is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protecte...

7.8CVSS7.2AI score0.00239EPSS
Exploits0References19Affected Software4
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.8 views

PT-2024-34372 · Unopim · Unopim

Name of the Vulnerable Software and Affected Versions: UnoPim versions 0.1.3 and below Description: The issue is related to Cross Site Scripting XSS in the Create User function, allowing attackers to perform XSS via an SVG document. This can be used to steal cookies. The vulnerability is exploite...

5.4CVSS4.8AI score0.0037EPSS
Exploits1References12
Rows per page
Query Builder