4441 matches found
CVE-2024-29651
A prototype pollution flaw was found in the API Dev Tools json-schema-ref-parser. This flaw allows a remote attacker to cause a denial of service, Cross-site scripting, or arbitrary code via the bundle, parse, resolve, and dereference functions. Mitigation Mitigation for this issue is either not...
CVE-2023-52796
In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlanprocessv6outbound by moving the flowi6 struct used for the route lookup in an non...
DEBIAN-CVE-2023-52744
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix potential NULL-ptr-dereference indevget can return NULL which will cause a failure once idev is dereferenced in indevforeachifartnl. This patch adds a check for NULL value in idev beforehand. Found by Linux...
CVE-2023-52868
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...
CVE-2023-52758
CVE-2023-52758 is rejected by the CNA and is not an active vulnerability entry.
DEBIAN-CVE-2021-47289
In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...
CVE-2021-47257
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...
UBUNTU-CVE-2021-47289
In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...
CVE-2021-47257 net: ieee802154: fix null deref in parse dev addr
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...
CVE-2021-47257 net: ieee802154: fix null deref in parse dev addr
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type...
CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...
SUSE CVE-2024-36009
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The devtracker is added to ax25cb in ax25bind. When the ax25 device is detaching, the devtracker of ax25cb should be deallocated in ax25killbydevice instead of the devtracker of ax25dev. The log...
PT-2024-11292 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue has been resolved in the Linux kernel. The problem occurred when the acpi dev put function was called on a possibly NULL pointer, which was not handled...
json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
GHSA-5F97-H2C2-826Q json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
CVE-2024-29651 is a Prototype Pollution vulnerability in API Dev Tools json-schema-ref-parser (versions 11.0.0 and 11.1.0). The flaw allows remote code execution or denial of service by manipulating Object.prototype via bundle(), parse(), resolve(), or dereference() functions. Affected IBM stack ...
DEBIAN-CVE-2024-36009
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The devtracker is added to ax25cb in ax25bind. When the ax25 device is detaching, the devtracker of ax25cb should be deallocated in ax25killbydevice instead of the devtracker of ax25dev. The log...