Lucene search
K

103 matches found

Vulnrichment
Vulnrichment
added 2024/11/19 5:22 p.m.6 views

CVE-2024-53068 firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...

7.1AI score0.00221EPSS
Exploits0References3
OSV
OSV
added 2024/11/19 1:30 a.m.10 views

CVE-2024-50277 dm: fix a crash if blk_alloc_disk fails

In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blkallocdisk fails If blkallocdisk fails, the variable md-disk is set to an error value. cleanupmappeddevice will see that md-disk is non-NULL and it will attempt to access it, causing a crash on this statement...

4.7CVSS5.9AI score0.00187EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-791f8d9804)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00238EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/22 2:15 a.m.35 views

CVE-2022-48920

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writebackinodessbnr: $ cat fs/fs-writeback.c:...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References5
CVE
CVE
added 2024/08/17 9:9 a.m.118 views

CVE-2024-42313

CVE-2024-42313 affects the Linux kernel’s media: venus path, specifically a use-after-free in vdec_close() when the firmware queues a buffer-release work via HFI callbacks during decoding. The issue can occur if the decoder device is closed from userspace during normal decoding, potentially leadi...

7.8CVSS6.9AI score0.00228EPSS
Exploits0References10Affected Software1
Packet Storm
Packet Storm
added 2024/07/22 12:0 a.m.453 views

Candy Redis 2.1.2 Admin Page Disclosure

==================================================================================================================================== | Title : Candy Redis V2.1.2 HTML Form in redirect page Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2024/06/03 12:34 p.m.27 views

CVE-2024-36930

In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spisync If spisync is called with the non-empty queue and the same spimessage is then reused, the complete callback for the message remains set while the context is cleared, leading to a...

5.5CVSS7AI score0.00227EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/21 2:19 p.m.22 views

CVE-2021-47247 net/mlx5e: Fix use-after-free of encap entry in neigh update handler

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent encap entry...

6.7AI score0.00227EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/17 10:27 a.m.26 views

CVE-2024-26865 rds: tcp: Fix use-after-free of net in reqsk_timer_handler().

In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsktimerhandler. syzkaller reported a warning of netns tracker 0 followed by KASAN splat 1 and another ref tracker warning 1. syzkaller could not find a repro, but in the log, the only...

6.5AI score0.0023EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/25 9:16 a.m.19 views

CVE-2021-47165 drm/meson: fix shutdown crash when component not probed

In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unable to handle kernel...

6.6AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2024/03/07 9:33 a.m.9 views

SUSE-SU-2024:0793-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file bsc1217213...

8.8CVSS9.1AI score0.01744EPSS
Exploits0References3
OSV
OSV
added 2023/12/21 6:38 p.m.8 views

CLSA-2023-1703183930 haproxy: Fix of CVE-2023-45539

CVE-2023-45539: do not accept '' as part of the URI component...

8.2CVSS6.8AI score0.01526EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.12 views

CommunityIssuance.sol – Stability pool can manipulate time stamps with the fund function to issue more oath than appropriate.

Lines of code Vulnerability details If lastDistributionTime is set to a date in the future, it would allow the issueOath function to continue to mint tokens even after it should have stopped. This is because the if statement in issueOath checks whether the current time is greater than...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/02/20 12:0 a.m.10 views

Unnecessary precision loss in redeemKIBT()

Lines of code Vulnerability details Impact Unnecessary precision loss in redeemKIBT Proof of Concept If enter Deprecated mode, user can switch back to StableCoin by percentage with redeemKIBT The redeemKIBT implementation code is as follows: function redeemKIBTuint256 amount external override...

7AI score
Exploits0
NVD
NVD
added 2022/12/30 11:15 a.m.34 views

CVE-2022-43396

In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf...

8.8CVSS0.56844EPSS
Exploits0References1
OSV
OSV
added 2022/11/14 7:12 p.m.11 views

GSD-2022-1007179 kernfs: fix use-after-free in __kernfs_remove

kernfs: fix use-after-free in kernfsremove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.153 by commit...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/11/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:3899-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.00231EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/07/12 12:0 a.m.16 views

openSUSE: Security Advisory for python3 (SUSE-SU-2022:2357-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8CVSS8.2AI score0.07269EPSS
Exploits1References2
OSV
OSV
added 2022/06/28 8:13 p.m.10 views

GSD-2022-1004030 usb: dwc2: gadget: don't reset gadget's driver->bus

usb: dwc2: gadget: don't reset gadget's driver-bus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/28 6:22 p.m.8 views

GSD-2022-1002831 drm/amd/pm: fix double free in si_parse_power_table()

drm/amd/pm: fix double free in siparsepowertable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

7.3AI score
Exploits0
Rows per page
Query Builder