Lucene search
K

774 matches found

Fedora
Fedora
added 2025/01/15 1:40 a.m.22 views

[SECURITY] Fedora 40 Update: redis-7.2.7-1.fc40

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.8CVSS6.9AI score0.07802EPSS
Exploits2
OSV
OSV
added 2024/12/27 2:15 p.m.3 views

UBUNTU-CVE-2024-53193

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2clkprovider Some heap space is allocated for the flexible structure struct clkhwonecelldata and its flexible-array member hws through the composite structure struct...

7.8CVSS6.5AI score0.00223EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2024/12/24 2:58 p.m.7 views

CVE-2024-53151

In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: Commit 78147ca8b4a9 "svcrdma: Add a "parsed chunk list" data structure" from Jun 22, 2020 linux-next, leads to the following Smatch static checker warning:...

4.4CVSS7.3AI score0.00267EPSS
Exploits0References4
OSV
OSV
added 2024/11/09 11:15 a.m.9 views

AZL-53099 CVE-2024-50262 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in triegetnextkey triegetnextkey allocates a node stack with size trie-maxprefixlen, while it writes trie-maxprefixlen + 1 nodes to the stack when it has full paths from the root to leaves. For exampl...

7.8CVSS6.5AI score0.00267EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.22 views

Adobe Reader < 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30306 or 2017.009.20044. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitabl...

10CVSS7AI score0.20377EPSS
Exploits2References43
Fedora
Fedora
added 2024/10/15 3:23 p.m.19 views

[SECURITY] Fedora 41 Update: valkey-8.0.1-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS6.9AI score0.04488EPSS
Exploits1
CVE
CVE
added 2024/09/18 7:12 a.m.156 views

CVE-2024-46761

CVE-2024-46761 affects the Linux kernel’s PCI hotplug driver for PowerPC (pci/hotplug/pnv_php.c). The issue caused a kernel crash during hot-unplug/disable of a PCIe switch/bridge from the PHB, due to a NULL dereference when the MSI data structure had already been released and set to NULL, yet un...

5.5CVSS6.2AI score0.00251EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/18 12:24 a.m.6 views

kernel: mm/filemap: skip to create PMD-sized page cache if needed

A vulnerability was found in the Linux kernel related to how large page caching is handled, particularly for AMD64 architectures. The issue stems from the xarray data structure's inability to support PMD-sized page caches when the base page size is larger than MAXPAGECACHEORDER. The particular...

5.5CVSS7.2AI score0.00288EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/09/10 4:3 p.m.47 views

CVE-2024-45595 D-Tale allows Remote Code Execution through the Query input on Chart Builder

D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default...

6.1CVSS0.00741EPSS
Exploits0References3
CVE
CVE
added 2024/09/10 4:3 p.m.61 views

CVE-2024-45595

D-Tale (Pandas visualizer) is vulnerable to remote code execution when hosted publicly via the Chart Builder’s Custom Filter input. The underlying issue is improper handling/validation of user-supplied input in the Custom Filter, enabling execution of arbitrary code on the server. The recommended...

9.8CVSS8.4AI score0.00741EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/08/22 7:45 p.m.23 views

BIT-VALKEY-2021-32628 Vulnerability in handling large ziplists

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist...

7.5CVSS8.4AI score0.03636EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/06/28 12:0 a.m.3 views

tpm2-tss Security Vulnerabilities

tpm2-tss is a TCG TPM2 Software Stack TSS2 OSS implementation open-sourced by tpm2. A security vulnerability exists in tpm2-tss 4.0.1 and earlier versions, which stems from the fact that arbitrary numbers can be used in the JSON structure, resulting in an attacker being able to gain undue access ...

4.3CVSS7.1AI score0.00346EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/06/24 11:15 p.m.3 views

SUSE CVE-2024-38629

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of fileida fileida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to...

5.5CVSS6.6AI score0.00231EPSS
Exploits0References10
OSV
OSV
added 2024/06/19 2:15 p.m.1 views

UBUNTU-CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

4.7CVSS6.3AI score0.00175EPSS
Exploits0References29
Zero Day Initiative
Zero Day Initiative
added 2024/06/10 12:0 a.m.26 views

Linux Kernel nftables Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.1CVSS7.3AI score0.00411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/31 12:0 a.m.23 views

Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7AI score0.00376EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2024-fd2569c4e9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.2CVSS9.6AI score0.00756EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.15 views

Fedora: Security Advisory for glib2 (FEDORA-2024-635a54eb7e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.2CVSS5.8AI score0.00756EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/22 8:19 a.m.25 views

CVE-2021-47483 regmap: Fix possible double-free in regcache_rbtree_exit()

In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcacherbtreeexit In regcacherbtreeinserttoblock, when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode-block' will be freed, so 'rbnode-block' points a freed memory,...

6.4AI score0.00229EPSS
Exploits0References8
NVD
NVD
added 2024/05/17 12:15 p.m.22 views

CVE-2024-27431

In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdprxqinfo struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdprxqinfo data structure being used in the xdpbuff that backs the XDP...

5.5CVSS7.6AI score0.00223EPSS
Exploits0References8
Rows per page
Query Builder