Lucene search
K

152 matches found

OSV
OSV
added 2023/01/17 6:41 p.m.6 views

GSD-2023-1001114 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path

f2fs: fix to invalidate dcc-f2fsissuediscard in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2023/01/17 6:1 p.m.11 views

GSD-2023-1000705 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path

f2fs: fix to invalidate dcc-f2fsissuediscard in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/10/12 8:13 p.m.43 views

GHSA-4M5P-5W5W-3JCF com.enonic.xp:lib-auth vulnerable to Session Fixation

Impact All id-providers using lib-auth login method. Patches https://github.com/enonic/xp/commit/0189975691e9e6407a9fee87006f730e84f734ff https://github.com/enonic/xp/commit/2abac31cec8679074debc4f1fb69c25930e40842 https://github.com/enonic/xp/commit/1f44674eb9ab3fbab7103e8d08067846e88bace4...

9.8CVSS9.5AI score0.00836EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/10/12 12:0 a.m.9 views

PT-2022-28162 · Enonic · Enonic Xp

Name of the Vulnerable Software and Affected Versions: Enonic XP versions less than 7.7.4 Description: The issue is a session fixation problem that allows a remote and unauthenticated attacker to use prior sessions due to the lack of invalidating session attributes. This affects all id-providers...

9.8CVSS9.3AI score0.00836EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.4 views

PT-2022-7185 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a memory leak in the fscache invalidate function in the fs/fscache/cookie.c module of the Linux kernel. This can be exploited to cause a denial of service. The...

5.5CVSS5.1AI score0.00246EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2022/06/24 2:15 p.m.3 views

CVE-2022-32990

An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS...

5.5CVSS5.8AI score0.0065EPSS
Exploits1References2
OSV
OSV
added 2022/05/14 1:14 a.m.21 views

GHSA-G4G7-Q726-V5HG Symfony CSRF Token Fixation

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...

8.8CVSS8.2AI score0.00761EPSS
Exploits0References13
OSV
OSV
added 2022/03/23 8:15 p.m.1 views

DEBIAN-CVE-2021-4148

A vulnerability was found in the Linux kernel's blockinvalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service DOS problem...

5.5CVSS6.2AI score0.00309EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel blockinvalidatepage function, which can be exploited by an attacker to cause a program to crash...

5.5CVSS6.5AI score0.00309EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.56 views

Jetty 11.0.x < 11.0.3 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...

5.3CVSS5.7AI score0.7848EPSS
Exploits3References4
OSV
OSV
added 2021/06/30 12:38 a.m.44 views

UVI-2021-1001083 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer

x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/30 12:38 a.m.9 views

GSD-2021-1001083 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer

x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/30 12:32 a.m.12 views

GSD-2021-1001002 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer

x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.46 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/30 12:32 a.m.7 views

UVI-2021-1001002 x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer

x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.46 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/02/19 7:15 p.m.2 views

DEBIAN-CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...

5.3CVSS5.6AI score0.00843EPSS
Exploits0References1
OSV
OSV
added 2021/02/19 7:15 p.m.10 views

UBUNTU-CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...

5.3CVSS6AI score0.00843EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2021/02/19 6:57 p.m.19 views

CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...

5.3CVSS5.2AI score0.00843EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/07/20 12:0 a.m.10 views

PT-2020-6010 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.5 through 5.7.9 Description: The issue is related to the tss invalidate io bitmap function in the Linux kernel, which is associated with incorrect default permission settings. An attacker may exploit this to gain...

9.8CVSS7AI score0.06692EPSS
Exploits34References241
OSV
OSV
added 2019/05/20 5:29 p.m.3 views

ALPINE-CVE-2019-12222

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...

6.5CVSS7AI score0.01931EPSS
Exploits1References1
OSV
OSV
added 2019/05/20 5:29 p.m.0 views

DEBIAN-CVE-2019-12222

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...

6.5CVSS7AI score0.01931EPSS
Exploits1References1
Rows per page
Query Builder