Lucene search
K

56 matches found

CVE
CVE
added 2025/03/11 2:0 p.m.166 views

CVE-2024-54085

AMI MegaRAC SPx BMC contains an authentication bypass via the Redfish Host Interface that allows remote attackers to bypass authentication. This affects SPx products, with CVSS data indicating CRITICAL impact (NVD CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8) and (CVSS 4.0: AV:N/AC:L/A...

10CVSS6.7AI score0.61202EPSS
In wildExploits0References8Affected Software1
Cvelist
Cvelist
added 2025/03/11 2:0 p.m.21 views

CVE-2024-54085 Redfish Authentication Bypass

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

10CVSS0.61202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/11 12:0 a.m.5 views

CVE-2024-54085

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. Recent assessments: Assessed Attacker Value...

10CVSS7.5AI score0.61202EPSS
In wildExploits0References2
OSV
OSV
added 2024/12/28 10:15 a.m.3 views

UBUNTU-CVE-2024-56689

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platformgetresourcebyname fails and returns NULL because DT lacks an 'mmio' property for the MHI endpoint, dereferencing res-start will cause a NULL pointer...

5.5CVSS6.2AI score0.00201EPSS
Exploits0References19
BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.4 views

Vulnerabilities of components of the Linux operating system’s kernel, such as IB/hfi1, that allow a hacker to trigger a service failure

The vulnerability of the IB/hfi1 components of the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References9Affected Software4
CNNVD
CNNVD
added 2024/11/20 12:0 a.m.5 views

ARM Mbed OS 安全漏洞

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things from ARM UK. A security vulnerability exists in ARM Mbed OS version 6.16.0, which originates when processing HCI packets, where the software dynamically determines the length of the packet data by...

7.5CVSS7.2AI score0.00436EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.7 views

The vulnerability of the mhi component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the mhi component in the Linux operating system’s kernel is related to the bypassing of a lock mechanism before entering the buffer queue. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.4CVSS6.3AI score0.00209EPSS
Exploits0References35Affected Software5
OSV
OSV
added 2024/08/23 11:8 a.m.2 views

OESA-2024-2010 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...

5.5CVSS6.6AI score0.0025EPSS
Exploits0References2
OSV
OSV
added 2024/08/23 11:8 a.m.4 views

OESA-2024-2012 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...

5.5CVSS6.6AI score0.0025EPSS
Exploits0References2
OSV
OSV
added 2024/08/23 11:8 a.m.3 views

OESA-2024-2011 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces...

5.5CVSS6.6AI score0.0025EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/07/16 12:25 p.m.22 views

CVE-2022-48866

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmasterinterrupts Syzbot reported an slab-out-of-bounds Read in thrustmasterprobe bug. The root case is in missing validation check of actual number of endpoints. Code should not blindl...

7.1CVSS5.4AI score0.00269EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.7 views

PT-2024-11290 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where the MHI Mobile Host Interface core does not properly validate channel IDs when processing command completions. This could lead to out-of-boun...

7.8CVSS6.4AI score0.00231EPSS
Exploits0References11
Mageia
Mageia
added 2024/05/09 2:40 a.m.49 views

Updated libvirt packages fix security vulnerability

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...

5.5CVSS7.1AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/06 12:0 a.m.27 views

Oracle Linux 9 : libvirt (ELSA-2024-2236)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2236 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' CVE-2023-3750, rhbz2221851 Tenable has extracted the preceding description block...

6.5CVSS6.5AI score0.00621EPSS
Exploits0References2
OSV
OSV
added 2024/04/15 4:44 p.m.4 views

USN-6734-1 libvirt vulnerabilities

Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. CVE-2024-1441 It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker cou...

6.2CVSS6.8AI score0.00398EPSS
Exploits0References4
OSV
OSV
added 2024/04/09 1:53 p.m.11 views

USN-6701-4 linux-azure vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.2AI score0.28058EPSS
Exploits18References13
Veracode
Veracode
added 2024/04/02 11:21 a.m.31 views

NULL Pointer Dereference

Libvirt is vulnerable to NULL pointer dereference. The vulnerability is caused by a race condition due to the simultaneous detachment of a host interface while collecting the list of interfaces using the virConnectListAllInterfaces API. This race condition leads to a situation where the path...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/03/18 1:15 p.m.2 views

DEBIAN-CVE-2024-2496

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/18 1:15 p.m.21 views

CVE-2024-2496

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/03/16 3:26 a.m.3 views

SUSE CVE-2024-2496

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References5
Rows per page
Query Builder