Lucene search
K

199 matches found

OSV
OSV
added 2024/04/03 3:15 p.m.1 views

UBUNTU-CVE-2024-26722

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...

5.5CVSS6.1AI score0.00182EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2024/04/03 3:15 p.m.28 views

CVE-2024-26722

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...

5.5CVSS6.3AI score0.00182EPSS
Exploits0References22
OSV
OSV
added 2024/04/03 2:55 p.m.3 views

CVE-2024-26722 ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References13
Krebs on Security
Krebs on Security
added 2024/03/28 11:56 p.m.18 views

Thread Hijacking: Phishes That Prey on Your Curiosity

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipients natural curiosity about being copied on a private discussion, whic...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2024/03/25 12:0 a.m.11 views

Fedora: Security Advisory (FEDORA-2024-e34efa1300)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
Openbugbounty
Openbugbounty
added 2023/06/17 10:7 a.m.7 views

jack-london.fr Cross Site Scripting vulnerability OBB-3438212

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/20 10:48 a.m.2 views

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/20 10:48 a.m.54 views

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2023/04/28 12:0 a.m.5 views

MagicJack A921 USB Phone Jack 安全漏洞

MagicJack A921 USB Phone Jack is a USB jack for free local and long distance calls from MagicJack USA. A security vulnerability exists in MagicJack A921 USB Phone Jack version v.1.4, which stems from the presence of an insecure privilege vulnerability. An attacker could exploit the vulnerability ...

6.6CVSS6.6AI score0.00472EPSS
Exploits1References5
Fedora
Fedora
added 2023/03/14 12:24 a.m.36 views

[SECURITY] Fedora 38 Update: qmmp-2.1.2-4.fc38

This program is an audio-player, written with help of Qt library. The user interface is similar to winamp or xmms. Main opportunities: Winamp and xmms skins support plugins support MPEG1 layer 2/3 support Ogg Vorbis support native FLAC support WavePack support ModPlug support PCM WAVE support CD...

8.8CVSS7.3AI score0.01118EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/03/14 12:0 a.m.20 views

Fedora: Security Advisory for qmmp (FEDORA-2023-a5e10b188a)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.4AI score0.01118EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/12/25 9:30 p.m.68 views

Starcounter-Jack JSON-Patch Prototype Pollution vulnerability

A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...

9.8CVSS2.8AI score0.01083EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2022/12/25 8:15 p.m.35 views

CVE-2021-4279

A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...

9.8CVSS0.01083EPSS
Exploits1References5
OSV
OSV
added 2022/12/25 8:15 p.m.21 views

CVE-2021-4279

A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...

9.8CVSS9.7AI score
Exploits0References5
Cvelist
Cvelist
added 2022/12/25 7:41 p.m.49 views

CVE-2021-4279 Starcounter-Jack JSON-Patch prototype pollution

A vulnerability has been found in Starcounter-Jack JSON-Patch up to 3.1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack can be initiated remotely...

6.3CVSS9.9AI score0.01083EPSS
Exploits1References5
CVE
CVE
added 2022/12/25 7:41 p.m.93 views

CVE-2021-4279

CVE-2021-4279 refers to a prototype pollution vulnerability in Starcounter-Jack JSON-Patch up to version 3.1.0. The issue allows manipulation of Object.prototype attributes and can be triggered remotely. Public disclosures describe a patch in 3.1.1 (patch name 7ad6af41eabb2d799f698740a91284d762c9...

9.8CVSS8AI score0.01083EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/25 12:0 a.m.9 views

PT-2022-11692 · Unknown · Starcounter-Jack Json-Patch

Name of the Vulnerable Software and Affected Versions: Starcounter-Jack JSON-Patch versions up to 3.1.0 Description: A vulnerability has been found in Starcounter-Jack JSON-Patch, classified as problematic. This issue affects unknown code and leads to improperly controlled modification of object...

9.8CVSS9.7AI score0.01083EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.5 views

kernel: ALSA: jack: Access input_dev under mutex

In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access inputdev under mutex It is possible when using ASoC that inputdev is unregistered while calling sndjackreport, which causes NULL pointer dereference. In order to prevent this serialize access to inputdev using...

5.5CVSS6.3AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.6 views

kernel: ALSA: jack: Access input_dev under mutex

In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access inputdev under mutex It is possible when using ASoC that inputdev is unregistered while calling sndjackreport, which causes NULL pointer dereference. In order to prevent this serialize access to inputdev using...

5.5CVSS6.3AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.4 views

kernel: ASoC: rt7*-sdw: harden jack_detect_handler

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References5
Rows per page
Query Builder