Lucene search
K

5 matches found

OSV
OSV
added 2024/11/14 4:55 p.m.9 views

USN-7089-5 linux-raspi vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.6AI score0.00478EPSS
Exploits4References197
OSV
OSV
added 2024/09/13 11:47 a.m.8 views

USN-7009-1 linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS6.5AI score0.02701EPSS
Exploits4References220
RedHat Linux
RedHat Linux
added 2020/12/17 4:40 p.m.3 views

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/17 4:40 p.m.3 views

jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03583EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/18 10:24 a.m.5 views

jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.06278EPSS
Exploits0References5
Rows per page
Query Builder