Lucene search
+L

71 matches found

Oracle linux
Oracle linux
added 2025/04/11 12:0 a.m.105 views

Unbreakable Enterprise kernel security update

5.15.0-307.178.5 - net/mlx5: DR, prevent potential error pointer dereference Dan Carpenter Orabug: 37434242 CVE-2024-56660 - uek-rpm: Set CONFIGIP6NFIPTABLES for ol9/ol8 container kernels Jonah Palmer Orabug: 37703179 - net: hsr: fix fillframeinfo regression vs VLAN packets Eric Dumazet - f2fs:...

7.8CVSS8AI score0.00288EPSS
Exploits0
OSV
OSV
added 2025/03/27 3:23 p.m.5 views

SUSE-SU-2025:20164-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...

9.8CVSS7.4AI score0.03301EPSS
Exploits8References1116
RedhatCVE
RedhatCVE
added 2025/02/28 5:44 a.m.7 views

CVE-2022-49663

In the Linux kernel, the following vulnerability has been resolved: tunnels: do not assume mac header is set in skbtunnelcheckpmtu Recently added debug in commit f9aefd6b2aa3 "net: warn if mac header was not set" caught a bug in skbtunnelcheckpmtu, as shown in this syzbot report 1. In ndostartxmi...

5.5CVSS6.6AI score0.00266EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/16 12:0 a.m.6 views

PT-2025-5257 · Vite · Vite

Name of the Vulnerable Software and Affected Versions: Vite versions prior to 6.0.9 Vite versions prior to 5.4.12 Vite versions prior to 4.5.6 Description: Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of...

7.8CVSS6.9AI score0.00283EPSS
Exploits1References10
OSV
OSV
added 2025/01/11 1:15 p.m.8 views

UBUNTU-CVE-2024-57791

In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the field length in smcclcmsghdr indicates the length of msg should be received from network and the value should not be fully trusted as i...

7.5CVSS6.2AI score0.0075EPSS
Exploits0References36
RedHat Linux
RedHat Linux
added 2024/12/11 4:18 p.m.6 views

kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO

In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...

5.5CVSS6.4AI score0.00277EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/14 1:27 a.m.6 views

kernel: wifi: cfg80211: check A-MSDU format more carefully

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more...

7.1CVSS6.7AI score0.00233EPSS
Exploits0References5
OSV
OSV
added 2024/05/22 9:15 a.m.3 views

DEBIAN-CVE-2021-47486

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NRJITITERATIONS steps, jitdata-header will be NULL, which triggers a NULL...

7.5CVSS5.4AI score0.00677EPSS
Exploits0References1
OSV
OSV
added 2024/05/22 9:15 a.m.6 views

UBUNTU-CVE-2021-47486

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NRJITITERATIONS steps, jitdata-header will be NULL, which triggers a NULL...

7.5CVSS5.8AI score0.00677EPSS
Exploits0References6
NVD
NVD
added 2024/05/19 9:15 a.m.22 views

CVE-2024-35891

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814getsigrx and lan8814getsigtx ptpparseheader may return NULL as ptpheader due to abnormal packet type or corrupted packet. Fix this bug by adding ptpheader check...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References4
Prion
Prion
added 2023/02/27 4:15 p.m.18 views

Design/Logic Flaw

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...

5CVSS7.4AI score0.00658EPSS
Exploits2References1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.5 views

SUSE CVE-2015-3658

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to...

6.8CVSS6.2AI score0.01998EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:48 a.m.3 views

SUSE CVE-2017-7303

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 because of missing a check in the findlink function for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash...

7.5CVSS6.7AI score0.02217EPSS
Exploits0References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/18 12:0 a.m.62 views

Security update for rpm (important)

openSUSE Security Update: Security update for rpm Announcement ID: openSUSE-SU-2021:1366-1 Rating: important References: 1179416 1183543 1183545 1183632 1183659 1185299 1187670 1188548 Cross-References: CVE-2021-20266 CVE-2021-20271 CVE-2021-3421 CVSS scores: CVE-2021-20266 NVD : 4.9...

5.3CVSS7.5AI score0.01706EPSS
Exploits0References8
SonicWall
SonicWall
added 2021/10/12 9:18 a.m.16 views

SonicOS Host Header Redirection

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. To avoid this vulnerability, follow these steps: Upgrade the firmware to the fixed version 6.5.4.8-89n, 7.0.1-R1456 etc. and higher versions,Enab...

5.3CVSS6.9AI score0.13041EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2021/06/03 11:22 a.m.3 views

ruby: Potential HTTP request smuggling in WEBrick

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

7.5CVSS7.2AI score0.03849EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.17 views

EulerOS Virtualization 3.0.2.6 : ruby (EulerOS-SA-2021-1450)

According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled wit...

7.5CVSS7.3AI score0.03849EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.27 views

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2021-1228)

According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not...

7.5CVSS7.4AI score0.03849EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/10/06 1:15 p.m.37 views

CVE-2020-25613

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

7.5CVSS6.8AI score0.03849EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/10/06 12:0 a.m.50 views

CVE-2020-25613

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

7.5CVSS6.8AI score0.03849EPSS
Exploits0
Rows per page
Query Builder