Lucene search
K

38 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vhost-scsi: Protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn If...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/05/01 7:0 p.m.8 views

CLSA-2026-1777662046 vim: Fix of CVE-2022-2183

CVE-2022-2183: fix out-of-bounds read in getlispindent src/indent.c by guarding the that++; amount++; advance with if that != NUL so the lisp auto-indent pointer does not walk past the line's NUL terminator...

7.8CVSS7.1AI score0.0145EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/02/26 4:25 a.m.7 views

kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capdisconnectreq,rsp Similar to commit d0be8347c623 "Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput", just use l2capchanholdunlesszero to prevent referencing a channel that i...

5.6AI score0.00216EPSS
Exploits0References5
OSV
OSV
added 2025/12/08 1:19 a.m.3 views

CVE-2023-53751 cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...

6.5AI score0.00156EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8649

Malware in sbrugna...

5.5CVSS7.3AI score0.0057EPSS
Exploits1References22
Cvelist
Cvelist
added 2025/09/15 2:49 p.m.6 views

CVE-2022-50333 fs: jfs: fix shift-out-of-bounds in dbDiscardAG

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor...

0.00152EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2024/06/20 11:13 a.m.20 views

CVE-2022-48770

In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...

5.5CVSS5.8AI score0.00216EPSS
Exploits0
NVD
NVD
added 2024/02/22 11:15 a.m.31 views

CVE-2024-0220

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS8.6AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2024/02/22 10:15 a.m.93 views

CVE-2024-0220

Affected software: B&R Automation Studio Upgrade Service and B&R Technology Guarding. Issue: insufficient cryptography in communications with upgrade and licensing servers, enabling a network attacker to potentially execute arbitrary code or sniff sensitive data. Root cause: cryptographic weaknes...

8.3CVSS8.6AI score0.00364EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2024/02/22 10:15 a.m.34 views

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS8.7AI score0.00364EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:7 p.m.34 views

K09052213: glibc vulnerability CVE-2015-8777

Security Advisory Description The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable. CVE-2015-8777 Impact This vulnerability may...

5.5CVSS6.9AI score0.0057EPSS
Exploits1Affected Software22
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD System Management Unit (SMU) 资源管理错误漏洞

The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in AMD System Management Unit SMU that stems from insufficient guarding and checking, resulting in access to invalid message port registers, which could lead to a denial of...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2016:0473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.89557EPSS
Exploits19References12
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.31 views

EulerOS 2.0 SP2 : glibc (EulerOS-SA-2017-1200)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to cra...

9.8CVSS8AI score0.05966EPSS
Exploits3References6
Amazon
Amazon
added 2017/08/31 12:0 a.m.36 views

Medium: glibc

Issue Overview: Unbounded stack allocation in catopen function A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code.CVE-2015-8779 Integer overflow in hcreate...

9.8CVSS9.1AI score0.05966EPSS
Exploits3
OSV
OSV
added 2016/12/15 1:52 p.m.10 views

SUSE-SU-2016:3162-1 Security update for pacemaker

This update for pacemaker fixes one security issue and several non-security issues. The following security issue has been fixed: - libcrmcommon: Fix improper IPC guarding. bsc1007433, CVE-2016-7035 The following non-security issues have been fixed: - Add logrotate to reqs of pacemaker-cli. - Add...

8.8CVSS8.4AI score0.0325EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2016/12/13 12:0 a.m.31 views

openSUSE Security Update : pacemaker (openSUSE-2016-1447)

This update for pacemaker fixes the following issues : - remote: Allow cluster and remote LRM API versions to diverge bsc1009076 - libcrmcommon: fix CVE-2016-7035 improper IPC guarding bsc1007433 - sysconfig: minor tweaks typo, wording - spec: more robust check for systemd being in use - spec:...

8.8CVSS7.6AI score0.0325EPSS
Exploits0References11
OSV
OSV
added 2016/12/02 10:41 a.m.8 views

SUSE-SU-2016:2974-1 Security update for pacemaker

This update for pacemaker fixes the following issues: - remote: Allow cluster and remote LRM API versions to diverge bsc1009076 - libcrmcommon: fix CVE-2016-7035 improper IPC guarding bsc1007433 - sysconfig: minor tweaks typo, wording - spec: more robust check for systemd being in use - spec:...

8.8CVSS8.1AI score0.0325EPSS
Exploits0References12
OSV
OSV
added 2016/11/22 11:5 a.m.13 views

SUSE-SU-2016:2869-1 Security update for pacemaker

This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2016-7797: Notify other clients of a new connection only if the handshake has completed bsc967388, bsc1002767. - CVE-2016-7035: Fixed improper IPC guarding in pacemaker bsc1007433. Bug fixes: - bsc1003565: crmd:...

8.8CVSS8AI score0.0325EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/11/15 12:0 a.m.33 views

Fedora 25 : pacemaker (2016-c1cbcc4528)

Security fix for CVE-2016-7035 improper IPC guarding Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...

8.8CVSS7.6AI score0.00395EPSS
Exploits0References2
Rows per page
Query Builder