Lucene search
K

48 matches found

OSV
OSV
added 2024/02/28 9:15 a.m.7 views

CVE-2020-36778

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in xiicxfer and xiici2cremove. However, pmruntimegetsync will increment the PM reference count even...

5.5CVSS6.6AI score
Exploits0References4
OSV
OSV
added 2024/01/18 6:45 p.m.28 views

CVE-2024-22419 concat built-in can corrupt memory in vyper

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The concat built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the buildIR for concat doesn't properly adhere to the API of co...

7.3CVSS9.3AI score0.0077EPSS
Exploits1References5
OSV
OSV
added 2023/07/25 1:53 p.m.15 views

GHSA-VF78-3Q9F-92G3 Hard-coded System User Credentials in Folio Data Export Spring module

Impact The module creates a system user that is used to perform internal module-to-module operations. Credentials for this user are hard-coded in the source code. This makes it trivial to authenticate as this user, resulting in unauthorized access to potentially dangerous APIs, allowing to view a...

10CVSS8.7AI score0.00646EPSS
Exploits0References6
OSV
OSV
added 2023/02/13 6:3 p.m.8 views

GSD-2023-1002297 netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.

netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.303 by commit...

7.5AI score
Exploits0
OSV
OSV
added 2023/01/17 5:41 p.m.16 views

GSD-2023-1000465 staging: media: tegra-video: fix device_node use after free

staging: media: tegra-video: fix devicenode use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/12/08 2:44 a.m.7 views

GSD-2022-1007900 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()

net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 ...

7.2AI score
Exploits0
OSV
OSV
added 2022/12/01 12:0 a.m.26 views

ASB-A-187702830

In cropPhoto of EditUserPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00143EPSS
Exploits0References3
OSV
OSV
added 2022/10/20 8:52 a.m.7 views

SUSE-SU-2022:3671-1 Security update for libostree

This update for libostree fixes the following issues: - CVE-2014-9862: Fixed arbitrary write on heap vulnerability bsc1201770...

7.8CVSS7.6AI score0.06762EPSS
Exploits0References3
OSV
OSV
added 2022/09/17 12:16 a.m.14 views

GSD-2022-1005660 meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init

meson-mx-socinfo: Fix refcount leak in mesonmxsocinfoinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...

7.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/08/05 12:0 a.m.26 views

Raneto vulnerable to Cross-site Scripting

Renato v0.17.0 was discovered to contain a cross-site scripting XSS vulnerability. This issue is fixed in version 0.17.1...

9.8CVSS4.8AI score0.01293EPSS
Exploits3References7Affected Software1
OSV
OSV
added 2022/04/24 10:36 p.m.11 views

GSD-2022-1002343 net/x25: Fix null-ptr-deref caused by x25_disconnect

net/x25: Fix null-ptr-deref caused by x25disconnect This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:28 p.m.8 views

GSD-2022-1001612 rtc: pl031: fix rtc features null pointer dereference

rtc: pl031: fix rtc features null pointer dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:1 p.m.6 views

GSD-2022-1001292 PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove()

PM: domains: Fix sleep-in-atomic bug caused by genpddebugremove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/13 4:6 p.m.16 views

MGASA-2022-0139 Updated webkit2 packages fix security vulnerability

The webkit2 package has been updated to version 2.36.0, fixing several security issues and other bugs...

8.8CVSS8.7AI score0.03668EPSS
Exploits0References4
OSV
OSV
added 2021/11/14 3:15 p.m.10 views

GSD-2021-1001994 comedi: ni_usb6501: fix NULL-deref in command paths

comedi: niusb6501: fix NULL-deref in command paths This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.217 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2021/10/18 2:6 p.m.6 views

OPENSUSE-SU-2021:1371-1 Security update for libqt5-qtsvg

This update for libqt5-qtsvg fixes the following issues: - CVE-2021-3481: Fixed an out of bounds read in function QRadialFetchSimd from crafted svg file. bsc1184783 This update was imported from the SUSE:SLE-15-SP2:Update update project...

7.1CVSS6.8AI score0.00511EPSS
Exploits1References3
OSV
OSV
added 2021/08/03 2:57 a.m.10 views

GSD-2021-1001492 atm: iphase: fix possible use-after-free in ia_module_exit()

atm: iphase: fix possible use-after-free in iamoduleexit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.276 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2021/08/03 2:44 a.m.12 views

GSD-2021-1001448 watchdog: Fix possible use-after-free in wdt_startup()

watchdog: Fix possible use-after-free in wdtstartup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.276 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/30 12:37 a.m.35 views

UVI-2021-1001070 net: hamradio: fix memory leak in mkiss_close

net: hamradio: fix memory leak in mkissclose This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...

7.2AI score
Exploits0
ossfuzz
ossfuzz
added 2020/07/07 11:2 p.m.39 views

syzkaller:prog_deserialize_fuzzer: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=4907676728033280 Project: syzkaller Fuzzing Engine: libFuzzer Fuzz Target: progdeserializefuzzer Job Type: libfuzzerasansyzkaller Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000008ab0 Crash State: NULL Sanitizer: address ASAN...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder