Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12999

Malicious code in bioql PyPI...

7.1AI score0.00166EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-21863

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0041EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:7 a.m.8 views

CVE-2024-24444

Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS by repeatedly establishing SCTP connections with the N2 interface...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.5 views

PT-2025-18484 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the 9p protocol and file descriptor handling. Specifically, when the file descriptor refers to a pipe, th...

8.8CVSS7.5AI score0.0129EPSS
Exploits3References504
NVD
NVD
added 2025/04/07 11:15 a.m.6 views

CVE-2024-43066

Memory corruption while handling file descriptor during listener registration/de-registration...

7.8CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2025/04/07 10:15 a.m.94 views

CVE-2024-43066

CVE-2024-43066 describes a memory corruption condition that occurs when processing file descriptors during listener registration or de-registration. Multiple connected sources attribute this to Qualcomm components (including bootloader and kernel or Qualcomm closed-source components) and to Qualc...

7.8CVSS6.9AI score0.001EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.5 views

PT-2025-15190 · Qualcomm · Qualcomm Snapdragon Auto

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Description: The issue is related to memory corruption that occurs while handling file descriptors during listener registration or de-registration. Recommendations: At the moment, there...

7.8CVSS6.6AI score0.001EPSS
Exploits0References5
NVD
NVD
added 2025/01/21 10:15 p.m.9 views

CVE-2024-24444

Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS by repeatedly establishing SCTP connections with the N2 interface...

7.5CVSS0.0041EPSS
Exploits0References1
CVE
CVE
added 2025/01/21 12:0 a.m.66 views

CVE-2024-24444

OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 is affected by CVE-2024-24444 due to improper file descriptor handling for closed connections. An attacker can cause a Denial of Service by repeatedly establishing SCTP connections with the N2 interface. Impact: high availability risk; attack ...

7.5CVSS6.5AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/07/16 11:25 p.m.38 views

CVE-2022-48801

In the Linux kernel, the following vulnerability has been resolved: iio: buffer: Fix file related error handling in IIOBUFFERGETFDIOCTL If we fail to copy the just created file descriptor to userland, we try to clean up by putting back 'fd' and freeing 'ib'. The code uses putunusedfd for the form...

4.4CVSS7.1AI score0.00284EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/04/04 12:0 a.m.5 views

The vulnerability in the set of VMware Tools relates to improper privilege assignment, allowing a malicious actor to circumvent existing security restrictions.

The vulnerability of the VMware Tools set is related to the vulnerability of handling the file descriptor in the vmware-user-suid-wrapper layer. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

7CVSS6.5AI score0.00402EPSS
Exploits0References7Affected Software4
OSV
OSV
added 2024/01/31 8:17 p.m.3 views

USN-6619-1 runc vulnerability

Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions...

8.6CVSS6.7AI score0.18087EPSS
Exploits18References2
0day.today
0day.today
added 2023/02/01 12:0 a.m.329 views

vmwgfx Driver File Descriptor Handling Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...

7.8CVSS7.1AI score0.02579EPSS
Exploits3
OSV
OSV
added 2022/10/27 1:0 p.m.4 views

USN-5704-1 dbus vulnerabilities

It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...

6.5CVSS6.6AI score0.0131EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/26 12:33 p.m.57 views

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2022-22942 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor...

7.8CVSS0.4AI score0.02579EPSS
Exploits3Affected Software1
OSV
OSV
added 2022/02/28 12:18 p.m.3 views

USN-5304-1 policykit-1 vulnerability

Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service...

5.5CVSS7.1AI score0.0053EPSS
Exploits1References2
OSV
OSV
added 2021/12/26 12:14 a.m.8 views

MGASA-2021-0587 Updated golang packages fix security vulnerability

net/http: limit growth of header canonicalization cache CVE-2021-44716 syscall: don't close fd 0 on ForkExec error CVE-2021-44717...

7.5CVSS6.3AI score0.03958EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/03/01 12:0 a.m.4 views

The vulnerability of the runc command, a tool for starting isolated containers, is related to errors in processing file descriptors. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the runc command, used to execute isolated containers, is related to errors in processing file descriptors. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.2CVSS7.3AI score0.9857EPSS
Exploits33References23Affected Software8
RedHat Linux
RedHat Linux
added 2019/02/25 10:46 p.m.4 views

runc: Execution of malicious containers allows for container escape and access to host filesystem

A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system...

9.3CVSS7AI score0.9857EPSS
Exploits33References7
Veracode
Veracode
added 2019/02/12 2:31 a.m.35 views

Malicious Container Execution

github.com/opencontainers/runc is vulnerable to Malicious Container Execution. It does not properly perform the file-descriptor handling which allows a malicious user to overwrite the host runc binary and subsequently executing containers such as 1 a new container with an attacker-controlled imag...

8.6CVSS8.4AI score0.9857EPSS
Exploits33References79Affected Software3
Rows per page
Query Builder