6043 matches found

RedHat Linux
added 2024/08/13 3:9 p.m. · 6 views

kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

A vulnerability was found in the Linux kernel's NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The ia_size field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This...

CVSS 5.5 · AI score 7.2 · EPSS 0.00254
Exploits 0 · References 5

RedHat Linux
added 2024/08/13 2:30 p.m. · 2 views

kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

A vulnerability was found in the Linux kernel's NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The ia_size field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This...

CVSS 5.5 · AI score 7.2 · EPSS 0.00254
Exploits 0 · References 5

RedHat Linux
added 2024/08/13 11:17 a.m. · 3 views

kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

A vulnerability was found in the Linux kernel's NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The ia_size field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This...

CVSS 5.5 · AI score 7.2 · EPSS 0.00254
Exploits 0 · References 5

OSV
added 2024/08/12 4:15 p.m. · 3 views

CVE-2024-42630

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 1

Vulnrichment
added 2024/08/12 11:36 a.m. · 18 views

CVE-2024-42166 Command Injection in Applicationname

The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not properly neutralize special elements used in an OS command. This allows an authenticated user with permissions to create applications to execute commands by creating an application with a malicious...

CVSS 9.1 · AI score 7.5 · EPSS 0.00486
Exploits 1 · References 1

Positive Technologies
added 2024/08/12 12:0 a.m. · 7 views

PT-2024-30081 · Frog Cms · Frog Cms

Name of the Vulnerable Software and Affected Versions: FrogCMS version 0.9.5 Description: A Cross-Site Request Forgery (CSRF) issue was discovered in FrogCMS. The vulnerability can be exploited via the "/admin/?/plugin/file_manager/create_file" API endpoint. Recommendations: For FrogCMS version...

CVSS 8.8 · AI score 6.8 · EPSS 0.00279
Exploits 1 · References 7

Vulnrichment
added 2024/08/12 12:0 a.m. · 14 views

CVE-2024-42630

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file...

AI score 8.9 · EPSS 0.00279
Exploits 1 · References 1

CNNVD
added 2024/08/12 12:0 a.m. · 5 views

FrogCms security vulnerability

FrogCms is an HTTP server by philippe, an individual developer. A security vulnerability exists in FrogCms version v0.9.5: a cross-site request forgery vulnerability was found via /admin/?/plugin/file_manager/create_file...

CVSS 8.8 · AI score 6.8 · EPSS 0.00279
Exploits 1 · References 2

RedHat Linux
added 2024/08/08 4:53 a.m. · 2 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real(). Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (!err && WARN_ON(!newdentry->d_inode)). The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

CVSS 5.5 · AI score 6.4 · EPSS 0.00235
Exploits 0 · References 5

RedHat Linux
added 2024/08/08 4:53 a.m. · 4 views

kernel: crash due to a missing check for leb_size

A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service...

CVSS 5.5 · AI score 7.2 · EPSS 0.00248
Exploits 0 · References 4

RedHat Linux
added 2024/08/08 4:44 a.m. · 3 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real(). Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (!err && WARN_ON(!newdentry->d_inode)). The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

CVSS 5.5 · AI score 6.4 · EPSS 0.00235
Exploits 0 · References 5

RedHat Linux
added 2024/08/07 12:28 a.m. · 5 views

kernel: tls: fix missing memory barrier in tls_init

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tls_init. In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}. CPU0 CPU1 ----- ----- // In tls_init() // In tls_ctx_create() c...

CVSS 5.5 · AI score 6.5 · EPSS 0.00253
Exploits 0 · References 5

RedHat Linux
added 2024/08/07 12:14 a.m. · 3 views

kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup(). fc_lport_ptp_setup() did not check the return value of fc_rport_create(), which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

CVSS 5.5 · AI score 6.8 · EPSS 0.00251
Exploits 0 · References 5

OSV
added 2024/08/06 10:3 p.m. · 97 views

GO-2024-3023 Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server

Mattermost allows remote actor to create/update/delete posts in arbitrary channels in github.com/mattermost/mattermost-server...

CVSS 7.1 · AI score 6 · EPSS 0.00362
Exploits 0 · References 3

OSV
added 2024/08/01 3:32 p.m. · 10 views

GHSA-VG67-CHM7-8M3J Mattermost allows remote actor to create/update/delete posts in arbitrary channels

Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly validate synced posts when shared channels are enabled, which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels...

CVSS 7 · AI score 6 · EPSS 0.00362
Exploits 0 · References 4

OSV
added 2024/08/01 7:15 a.m. · 5 views

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVSS 4.7 · AI score 5.8 · EPSS 0.0255
Exploits 0 · References 1

NVD
added 2024/08/01 7:15 a.m. · 19 views

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVSS 4.7 · EPSS 0.0255
Exploits 0 · References 1

Vulnrichment
added 2024/08/01 6:54 a.m. · 14 views

CVE-2024-5678 SQL Injection

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVSS 4.7 · AI score 8.2 · EPSS 0.0255
Exploits 0 · References 1

Positive Technologies
added 2024/08/01 12:0 a.m. · 5 views

PT-2024-37071

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Applications Manager versions 17.0900 and below Description: The issue concerns an authenticated admin-only SQL Injection in the Create Monitor feature. Recommendations: For versions 17.0900 and below, update to a version...

CVSS 4.7 · AI score 5.8 · EPSS 0.0255
Exploits 0 · References 7

Positive Technologies
added 2024/08/01 12:0 a.m. · 5 views

PT-2024-29293 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.9.x through 9.9.0 Mattermost versions 9.5.x through 9.5.6 Mattermost versions 9.7.x through 9.7.5 Mattermost versions 9.8.x through 9.8.1 Description: The issue arises from the failure to properly validate synced posts...

CVSS 7.1 · AI score 7 · EPSS 0.00362
Exploits 0 · References 11