Lucene search
K

68 matches found

Redos
Redos
added 2024/12/05 12:0 a.m.11 views

ROS-20241205-01

The vulnerability of the asm-bug component of the Linux operating system kernel is related to incorrect error handling in arch/arm64/include/asm/asm-bug.h. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the sr component of the...

6.2CVSS6.6AI score0.00237EPSS
Exploits0
Veracode
Veracode
added 2024/12/02 5:36 a.m.8 views

Sensitive Information Exposure

calibreweb is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper error handling, exposing the names of private shelves in error messages when unauthorized users attempt to remove a book from a shelf they do not own...

4.3CVSS6.5AI score0.00358EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2024/11/21 12:0 a.m.12 views

Unspecified vulnerability in Linux kernel (CNVD-2024-46451)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iommupagingdomainalloc function not returning a null pointer, but an error pointer. No details of the...

5.5CVSS6.6AI score0.00186EPSS
Exploits0References1
Veracode
Veracode
added 2024/08/30 7:4 a.m.13 views

Full Path Disclosure

Drupal is vulnerable to Full Path Disclosure. The vulnerability is due to improper error handling in core/authorize.php when hashsalt is set to the filegetcontents of a non-existent file...

5.3CVSS6.5AI score0.09269EPSS
Exploits4References4Affected Software3
Vulnrichment
Vulnrichment
added 2024/01/02 12:0 a.m.13 views

CVE-2023-50019

An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of NudmUECMRegistration response...

5.7AI score0.00636EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.19 views

PT-2025-18822 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the net/mlx5 component related to E-Switch. The issue involves an error in error handling code where it...

8.8CVSS5.1AI score0.16642EPSS
Exploits12References905
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.7 views

PT-2023-28018 · Grupposcai · Realgimm

Name of the Vulnerable Software and Affected Versions: GruppoSCAI RealGimm version 1.1.37p38 Description: An improper error handling issue in the ErroreNonGestito.aspx component allows attackers to obtain sensitive technical information via a crafted SQL query. Recommendations: For GruppoSCAI...

8.8CVSS8.4AI score0.00859EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/04/04 6:30 a.m.8 views

CVE-2023-1768 Symmetric agent data encryption fails silently

Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations...

3.7CVSS5.2AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2023/03/01 8:15 p.m.7 views

CVE-2023-23006

In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/drdomain.c misinterprets the mlx5getuarspage return value expects it to be NULL in the error case, whereas it is actually an error pointer...

5.5CVSS7.7AI score
Exploits0References2
OSV
OSV
added 2023/02/28 9:15 p.m.6 views

CVE-2023-22997

In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the modulegetnextpage return value expects it to be NULL in the error case, whereas it is actually an error pointer...

5.5CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.4 views

PT-2023-33334 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue concerns error handling in the iavf init module function. It was introduced in version v4.6 and fixed in version v5.10.158. The actual impact and attack plausibility have not yet...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.2 views

PT-2022-36303 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue concerns error handling in the ata tdev add function. It was introduced in version v2.6.37 and fixed in version v5.10.156. The actual impact and attack plausibility have not yet...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36002 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue concerns error handling in the ata tport add function. It was introduced in version v2.6.37 and fixed in version v6.0.10. The actual impact and attack plausibility have not yet bee...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.3 views

PT-2022-33425 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to an error handling path in the meson mmc probe function. It was introduced in version v4.18 and fixed in Linux Kernel version v5.19.4. The actual impact and attack...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2021/03/25 12:0 a.m.13 views

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-22450)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...

4.3CVSS6.5AI score0.00944EPSS
Exploits0References1
OSV
OSV
added 2019/12/24 1:15 a.m.8 views

CVE-2019-19950

In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c...

9.8CVSS9.5AI score
Exploits0References6
OSV
OSV
added 2019/07/26 5:15 a.m.11 views

CVE-2018-20856

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an blkdrainqueue use-after-free because a certain error case is mishandled...

7.8CVSS6.4AI score
Exploits0References24
OSV
OSV
added 2017/04/23 5:59 a.m.11 views

CVE-2017-8072

The cp2112gpiodirectioninput function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors...

7.8CVSS6.5AI score
Exploits0References5
OSV
OSV
added 2017/02/07 12:33 p.m.9 views

SUSE-SU-2017:0412-1 Security update for mariadb

This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...

7CVSS5.9AI score0.04792EPSS
Exploits10References25
OSV
OSV
added 2017/02/07 12:16 p.m.7 views

SUSE-SU-2017:0411-1 Security update for mariadb

This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...

7CVSS5.9AI score0.04792EPSS
Exploits10References25
Rows per page
Query Builder