Lucene search
K

4721 matches found

Amazon
Amazon
added 2025/03/06 12:0 a.m.4 views

Low: ecs-init

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS6.7AI score0.00317EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/05 11:2 a.m.23 views

CVE-2024-43061

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive...

7.8CVSS7.3AI score0.00108EPSS
Exploits0
Cvelist
Cvelist
added 2025/03/03 10:7 a.m.18 views

CVE-2024-43061 Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive...

7.8CVSS0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 10:7 a.m.7 views

CVE-2024-43061 Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive...

7.8CVSS7.9AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which originates from memory corruption during voice activation when sound model parameters are loaded from HLOS and the received sound model list is...

7.8CVSS6.9AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2025/03/01 5:57 a.m.0 views

BELL-CVE-2025-21817 CVE-2025-21817 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/27 3:12 a.m.2 views

SUSE CVE-2022-49077

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...

5.5CVSS6.4AI score0.00232EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/27 3:9 a.m.8 views

SUSE CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS6.4AI score0.00276EPSS
Exploits0References10
OSV
OSV
added 2025/02/26 8:6 p.m.7 views

GHSA-M2JW-CJ8V-937R copyparty renders unsanitized filenames as HTML when user uploads empty files

Summary A DOM-Based XSS was discovered in copyparty, a portable fileserver. The vulnerability is considered low-risk. Details By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execute arbitrary javascript with the...

3.6CVSS4.5AI score0.00426EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/02/26 8:6 p.m.15 views

copyparty renders unsanitized filenames as HTML when user uploads empty files

Summary A DOM-Based XSS was discovered in copyparty, a portable fileserver. The vulnerability is considered low-risk. Details By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execute arbitrary javascript with the...

6.1CVSS4.5AI score0.00426EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49649

In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting the rx queue not being empty, but in case the loop in xenvifrxaction is doing multiple iterations, the availability of another skb in...

5.5CVSS5.5AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 7:1 a.m.13 views

CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS0.00276EPSS
Exploits0References9
OSV
OSV
added 2025/02/26 7:1 a.m.6 views

DEBIAN-CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS5.4AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS6AI score0.00276EPSS
Exploits0References12
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

DEBIAN-CVE-2022-49077

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...

5.5CVSS5.3AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 2:12 a.m.9 views

CVE-2022-49443 list: fix a data-race around ep->rdllist

In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...

4.7CVSS5AI score0.00165EPSS
Exploits0References7
CVE
CVE
added 2025/02/26 1:56 a.m.153 views

CVE-2022-49264

CVE-2022-49264 is a Linux kernel issue where execve(2) argv handling could lead to an elevation of privilege. The fix injects a single empty string into argv when argc == 0 and updates argc accordingly, preventing argv from being empty or NULL. The description indicates this is a local privilege-...

5.5CVSS6.5AI score0.00276EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2025/02/26 1:56 a.m.13 views

CVE-2022-49264 exec: Force single empty string when argv is empty

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

0.00276EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/02/26 1:54 a.m.7 views

CVE-2022-49077

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...

5.5CVSS5.3AI score0.00232EPSS
Exploits0
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not forcing a single empty string when argv is null in execve...

5.5CVSS5.5AI score0.00276EPSS
Exploits0References10
Rows per page
Query Builder