Lucene search
+L

19 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/29 5:21 p.m.6 views

CVE-2026-57953

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventingimportautomaticwebhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can...

5.4CVSS5.8AI score0.00249EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53671

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description An authorization bypass exists that allows authenticated users with the spectator role to perform unauthorized write operations. This occurs because the 'eventing import automatic webhook' endpoint...

5.4CVSS6AI score0.00249EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fixed out-of-bound access when a valid event group is used. The perf tool allows users to create event groups using the cmd 1. However, the driver does not check whether the array index is out of bounds wh...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/06/20 3:54 p.m.29 views

CVE-2024-38568

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

4.4CVSS7.2AI score0.00234EPSS
Exploits0References4
NVD
NVD
added 2024/06/19 2:15 p.m.28 views

CVE-2024-38569

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

7.8CVSS0.00234EPSS
Exploits0References5
NVD
NVD
added 2024/06/19 2:15 p.m.19 views

CVE-2024-38568

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

7.8CVSS0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/06/19 2:15 p.m.14 views

UBUNTU-CVE-2024-38569

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

7.8CVSS6.5AI score0.00234EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2024/06/19 2:15 p.m.23 views

CVE-2024-38568

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

7.8CVSS6.4AI score0.00234EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/06/19 1:35 p.m.28 views

CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

0.00234EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/06/19 1:35 p.m.18 views

CVE-2024-38568 drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

7AI score0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/06/19 1:35 p.m.15 views

CVE-2024-38568 drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

7.8CVSS6.1AI score0.00234EPSS
Exploits0References8
Ubuntu
Ubuntu
added 2024/01/10 9:55 p.m.65 views

USN-6549-5: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/01/09 6:41 p.m.83 views

USN-6548-4: Linux kernel (GKE) vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/13 2:1 p.m.99 views

USN-6549-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/13 1:55 p.m.129 views

USN-6534-3: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/12 1:16 p.m.57 views

USN-6534-2: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/05 9:13 p.m.107 views

USN-6532-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check...

7.8CVSS7.9AI score0.05794EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/21 3:17 p.m.80 views

USN-6497-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky discovered that the KVM nested virtualization SVM implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service host kernel crash. CVE-2023-5090 Alon Zahavi discovered that the...

8.8CVSS7.4AI score0.09141EPSS
Exploits2
OSV
OSV
added 2023/11/21 3:17 p.m.5 views

USN-6497-1 linux-oem-6.1 vulnerabilities

Maxim Levitsky discovered that the KVM nested virtualization SVM implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service host kernel crash. CVE-2023-5090 Alon Zahavi discovered that the...

8.8CVSS7AI score0.09141EPSS
Exploits2References4
Rows per page
Query Builder