Lucene search
K

4722 matches found

RedHat Linux
RedHat Linux
added 2025/05/06 8:23 p.m.6 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/05/06 3:43 p.m.12 views

libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.3AI score0.00694EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/06 1:53 p.m.7 views

libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.3AI score0.00694EPSS
Exploits0References5
OSV
OSV
added 2025/05/06 10:15 a.m.4 views

CVE-2025-46762

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be...

8.1CVSS6.1AI score0.01446EPSS
Exploits0References2
OSV
OSV
added 2025/05/06 5:58 a.m.1 views

BELL-CVE-2023-53096

Bulletin has no description...

5.5CVSS7AI score0.0016EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/05 1:35 p.m.3 views

SUSE CVE-2022-49800

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf in fail path, hence buf will leak when there is no failure. Add kfreebuf to prevent the memleak. The same reason and solution in...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2025/05/05 1:17 a.m.7 views

libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.3AI score0.00694EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/04 5:4 p.m.30 views

CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

6.8AI score0.00149EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/05/03 2:49 a.m.5 views

SUSE CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS7.9AI score0.00149EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.2 views

CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2025/05/02 4:15 p.m.23 views

CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS0.00149EPSS
Exploits0References8
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

DEBIAN-CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS5.5AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.4 views

CVE-2023-53057

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be intentionally invali...

7.1CVSS6.1AI score0.00161EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/05/02 4:15 p.m.6 views

UBUNTU-CVE-2023-53141

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References11
CVE
CVE
added 2025/05/02 3:56 p.m.90 views

CVE-2023-53141

CVE-2023-53141 is a Linux kernel vulnerability described in the Unity/Nessus materials. The issue is in ila_xlat_nl_cmd_get_mapping() for IPv6 ila (used by netlink): it can generate an empty skb, which would trigger a sanity check. The fix is to return an error code instead of generating an empty...

5.5CVSS6.5AI score0.00149EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/05/02 3:56 p.m.12 views

CVE-2023-53141 ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

0.00149EPSS
Exploits0References8
OSV
OSV
added 2025/05/02 3:56 p.m.9 views

CVE-2023-53141 ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()

In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ilaxlatnlcmdgetmapping ilaxlatnlcmdgetmapping generates an empty skb, triggerring a recent sanity check 1. Instead, return an error code, so that user space can get it. 1 skbassertlen WARNIN...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References11
OSV
OSV
added 2025/05/02 12:59 p.m.7 views

CLSA-2025-1746190792 libreoffice: Fix of 2 CVEs

CVE-2022-38745: avoid unnecessary empty -Djava.class.path= - CVE-2024-3044: add notify for script execution...

7.8CVSS5.9AI score0.01008EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 3:16 p.m.5 views

UBUNTU-CVE-2022-49800

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf in fail path, hence buf will leak when there is no failure. Add kfreebuf to prevent the memleak. The same reason and solution in...

5.5CVSS6AI score0.00159EPSS
Exploits0References7
OSV
OSV
added 2025/05/01 2:15 p.m.5 views

UBUNTU-CVE-2025-37792

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtlinitialize function checks that rtlloadfile either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not se...

5.5CVSS6.2AI score0.00157EPSS
Exploits0References40
Rows per page
Query Builder