Lucene search
+L

280 matches found

UbuntuCve
UbuntuCve
added 2024/05/01 6:15 a.m.33 views

CVE-2024-26990

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU accounts for any...

5.5CVSS6.2AI score0.00224EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/04/30 10:36 a.m.7 views

QEMU: improper IDE controller reset can lead to MBR overwrite

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

7CVSS7.2AI score0.00231EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/04/13 2:19 a.m.4 views

SUSE CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

5.5CVSS6.4AI score0.00225EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/04/10 7:15 p.m.29 views

CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References6
OSV
OSV
added 2024/04/10 7:15 p.m.7 views

UBUNTU-CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/04/10 6:56 p.m.20 views

CVE-2021-47187 arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

6.8AI score0.00225EPSS
Exploits0References4
CVE
CVE
added 2024/04/10 6:56 p.m.89 views

CVE-2021-47187

CVE-2021-47187 concerns arm64: dts: qcom: msm8998 in the Linux kernel. The issue was a miscalculation of min-residency-us and conflicting idle-time parameters between CPU sleep and L2 power-collapse timings, which could cause SoC instability (random reboots/lockups) when CPU scaling is enabled. A...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2024/04/10 6:56 p.m.24 views

CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CP...

5.5CVSS5.7AI score0.00225EPSS
Exploits0
HackRead
HackRead
added 2024/03/29 2:0 p.m.14 views

IdeaSoft To Launch an Innovative Perpetual DEX on INTMAX’s Open-source L2 Plasma Next

By Uzair Amir Building on Plasma Next would make the DEX as convenient as CEX for trading with low fees, slippage, and waiting period. This is a post from HackRead.com Read the original post: IdeaSoft To Launch an Innovative Perpetual DEX on INTMAX’s Open-source L2 Plasma Next...

7.4AI score
Exploits0
Fedora
Fedora
added 2024/03/23 12:52 a.m.27 views

[SECURITY] Fedora 40 Update: ovn-23.09.0-139.fc40

OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups...

6.5CVSS7AI score0.00783EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/29 7:16 p.m.21 views

Security Bulletin: Vulnerabilities in GSKit affect Content Manager Enterprise Edition (CVE-2015-7421)

Summary Vulnerabilities were discovered in GSKit. Content Manager Enterprise Edition uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-7421 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The internal ICC PRNG...

5CVSS3.9AI score0.01847EPSS
Exploits0Affected Software1
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.19 views

L1 TO L2 ERC20 TOKEN TRANSFER CAN BE DoS IN THE FxERC20ChildTunnel CONTRACT SINCE A MALICIOUS USER CAN SET THE fxRootTunnel ADDRESS TO AN INVALID ADDRESS

Lines of code Vulnerability details Impact The FxERC20ChildTunnel is a smart contract which is used for the L2 token management. The FxERC20ChildTunnel contract inherits from the FxBaseChildTunnel contract. The FxBaseChildTunnel contract has the validateSender modifier which requires the sender o...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.15 views

In FxERC20RootTunnel, there is no option to get bridged tokens back in case the transaction can not be executed on L2

Lines of code Vulnerability details Impact If the transaction on L2 fails to be executed the tokens deposited on L1 will be lost since there is no way to recover them Proof of Concept When calling FxERC20RootTunnel:: withdraw the users deposits a certain amount of tokens to the bridge that he wan...

7AI score
Exploits0
NVD
NVD
added 2023/12/20 8:15 a.m.30 views

CVE-2023-0011

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

7.6CVSS0.00482EPSS
Exploits0References1
Prion
Prion
added 2023/12/20 8:15 a.m.20 views

Input validation

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

4.6CVSS7.6AI score0.00482EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/20 7:55 a.m.7 views

CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

7.6CVSS7.4AI score0.00482EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/20 7:55 a.m.39 views

CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

7.6CVSS7.9AI score0.00482EPSS
Exploits0References1
CVE
CVE
added 2023/12/20 7:55 a.m.64 views

CVE-2023-0011

CVE-2023-0011 affects the TOBY-L2 family (TOBY-L200/TOBY-L201/TOBY-L210/TOBY-L220/TOBY-L280). A flaw in input validation allows an attacker with physical access to the serial interface to execute arbitrary OS commands via crafted AT commands, granting root privileges, enabling reading system file...

7.6CVSS7AI score0.00482EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/20 12:0 a.m.8 views

PT-2023-15946 · Toby-L200 +4 · Toby-L200 +4

Name of the Vulnerable Software and Affected Versions: TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280 Description: A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This issue...

7.6CVSS7AI score0.00482EPSS
Exploits0References4
Amazon
Amazon
added 2023/11/15 12:0 a.m.6 views

Medium: qemu

Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...

7CVSS6.8AI score0.00231EPSS
Exploits0
Rows per page
Query Builder