Lucene search
K

226 matches found

Cvelist
Cvelist
added 2025/05/29 1:15 p.m.20 views

CVE-2025-37999 fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio()

In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofsonlinefoliosplit after bioaddfolio If bioaddfolio fails because it is full, erofsfileioscanfolio needs to submit the I/O request via erofsfileiorqsubmit and allocate a new I/O request with an empty stru...

0.00146EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.3 views

CVE-2023-21120

In multiple functions of cdmengine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...

7.8CVSS6.8AI score0.00072EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.8 views

CVE-2021-22906

Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users...

6.5CVSS6.6AI score0.00722EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:52 p.m.8 views

CVE-2020-8867

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...

7.5CVSS6.5AI score0.0258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.7 views

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...

7.8CVSS6.9AI score0.01747EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.9 views

CVE-2019-14091

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250,...

7.8CVSS7.2AI score0.00153EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/05/07 7:13 p.m.5 views

libsemanage bug fix update

An update is available for libsemanage. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsemanage library provides an API for the manipulation of SELinux...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/06 3:7 a.m.4 views

SUSE CVE-2022-49931

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in scdisable Commit 13bac861952a "IB/hfi1: Fix abba locking issue with scdisable" incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered...

5.5CVSS6.4AI score0.00154EPSS
Exploits0References10
CVE
CVE
added 2025/05/02 3:55 p.m.83 views

CVE-2023-53109

CVE-2023-53109 : Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnels’ xmit paths and als...

5.5CVSS6.6AI score0.00166EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/01 2:11 p.m.7 views

CVE-2022-49931 IB/hfi1: Correctly move list in sc_disable()

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in scdisable Commit 13bac861952a "IB/hfi1: Fix abba locking issue with scdisable" incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered...

6AI score0.00154EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/29 12:0 a.m.4 views

PT-2025-23158

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to the erofs file system. The issue arises when bio add folio fails due to being full, and erofs fileio scan folio retrie...

7.8CVSS7.3AI score0.09796EPSS
Exploits5References329
NVD
NVD
added 2025/04/01 4:15 p.m.15 views

CVE-2025-21986

In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...

5.5CVSS0.00139EPSS
Exploits0References6
CVE
CVE
added 2025/04/01 3:47 p.m.110 views

CVE-2025-21986

CVE-2025-21986 affects the Linux kernel net: switchdev notification path. The root cause is a blocking notification chain that uses a read-write semaphore to protect the chain, which allows recursive notifications to cause the semaphore to be acquired twice for reading. In certain bridge/offload ...

5.5CVSS7.1AI score0.00139EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/03/27 4:43 p.m.11 views

CVE-2023-53022 net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()

In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetctxonesteptstamp This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty 967 Not tainted...

0.00136EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/03/19 12:0 a.m.5 views

The vulnerability of the mlx5e_arfs_enable() function in the drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mlx5earfsenable function in the drivers/net/ethernet/mellanox/mlx5/core/enarfs.c file of the Linux kernel is related to insufficient resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.7AI score0.00175EPSS
Exploits0References17Affected Software7
OSV
OSV
added 2025/03/11 5:16 p.m.2 views

CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS5.9AI score0.01744EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-54460

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in isolistenbis This fixes the circular locking dependenc...

5.5CVSS5.9AI score0.00133EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-48875

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: don't take devreplace rwsem on task already holding it Running fstests btrfs/011 wit...

5.5CVSS6.2AI score0.00143EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-49943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: add missing locking in wedgedfini Any non-wedged queue can have a zero...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2024-58071

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was...

5.5CVSS6.8AI score0.00147EPSS
Exploits0References3
Rows per page
Query Builder