Lucene search
K

4719 matches found

OSV
OSV
added 2024/10/21 12:15 p.m.9 views

AZL-50842 CVE-2024-47699 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...

5.5CVSS6.8AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.15 views

AZL-50993 CVE-2024-47699 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...

5.5CVSS6.8AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 12:15 p.m.3 views

DEBIAN-CVE-2024-47699

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...

5.5CVSS6AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.3 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mishandling of empty b-tree nodes in the nilfs2 file system...

5.5CVSS6.7AI score0.00261EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/10/16 2:5 a.m.20 views

CVE-2024-9104 UltimateAI <= 2.8.3 - Limited User Password Change due to Improper Empty and Missing Default Value Check

The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.3. This is due to the improper empty value check and a missing default activated value check in the 'ultimateaichangepass' function. This makes it possible for unauthenticated...

5.6CVSS0.00322EPSS
Exploits0References2
Amazon
Amazon
added 2024/10/15 12:0 a.m.5 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS6.7AI score0.00317EPSS
Exploits0
Amazon
Amazon
added 2024/10/14 12:0 a.m.3 views

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

3.6CVSS6.6AI score0.00317EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/10/12 7:0 a.m.4 views

ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item

...

5.5CVSS5.8AI score0.00177EPSS
Exploits0
OSV
OSV
added 2024/10/09 5:15 a.m.3 views

DEBIAN-CVE-2024-45160

Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty clientpassword parameter client secret...

9.1CVSS5.3AI score0.00515EPSS
Exploits0References1
OSV
OSV
added 2024/10/09 5:15 a.m.2 views

UBUNTU-CVE-2024-45160

Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty clientpassword parameter client secret...

9.1CVSS5.8AI score0.00515EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

LemonLDAP::NG 安全漏洞

LemonLDAP::NG is a set of Web single sign-on and access management software from LemonLDAP::NG open source. A security vulnerability exists in LemonLDAP::NG version 2.18.x and 2.19.x prior to 2.19.2, which stems from the presence of incorrect credential validation, allowing an attacker to bypass...

9.1CVSS6.6AI score0.00515EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2562)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.5AI score0.05582EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2024/10/08 10:20 p.m.12 views

SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...

7.7AI score
Exploits0References4Affected Software2
OSV
OSV
added 2024/10/08 10:20 p.m.3 views

GHSA-QJRV-V6QP-X99X SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...

7.1CVSS7.7AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.3 views

PT-2024-40433 · Surrealdb · Surrealdb

Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 2.0.4 Description: The issue occurs when the parser fails to handle the conversion of an empty string to a SurrealDB value, such as when casting to a record, duration, or datetime, or when parsing an empty string t...

7.1CVSS7.5AI score
Exploits0References5
NVD
NVD
added 2024/10/04 6:15 a.m.27 views

CVE-2024-6443

In utf8trunc in zephyr/lib/utils/utf8.c, lastbytep can point to one byte before the string pointer if the string is empty...

6.5CVSS0.00583EPSS
Exploits1References1
OSV
OSV
added 2024/10/04 6:15 a.m.5 views

CVE-2024-6443

In utf8trunc in zephyr/lib/utils/utf8.c, lastbytep can point to one byte before the string pointer if the string is empty...

6.5CVSS5.5AI score
Exploits0References1
OSV
OSV
added 2024/10/04 6:15 a.m.1 views

UBUNTU-CVE-2024-6443

In utf8trunc in zephyr/lib/utils/utf8.c, lastbytep can point to one byte before the string pointer if the string is empty...

6.5CVSS5.8AI score0.00583EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/04 5:56 a.m.36 views

CVE-2024-6443 zephyr: out-of-bound read in utf8_trunc

In utf8trunc in zephyr/lib/utils/utf8.c, lastbytep can point to one byte before the string pointer if the string is empty...

6.3CVSS0.00583EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.4 views

PT-2024-37630 · Zephyr · Zephyr

Name of the Vulnerable Software and Affected Versions: Zephyr affected versions not specified Description: The issue occurs in the utf8 trunc function found in zephyr/lib/utils/utf8.c, where last byte p might point to the byte just before the string pointer if the string is empty. This is a buffe...

6.5CVSS7.1AI score0.00583EPSS
Exploits1References9
Rows per page
Query Builder