Lucene search
K

310 matches found

Fedora
Fedora
added 2024/03/07 10:33 p.m.22 views

[SECURITY] Fedora 40 Update: xstream-1.4.20-6.fc40

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

8.8CVSS6.6AI score0.02578EPSS
Exploits3
CVE
CVE
added 2024/02/29 3:52 p.m.6750 views

CVE-2023-52498

CVE-2023-52498 : Linux kernel sleep deadlock in system-wide PM code in low-memory conditions. root cause: system-wide resume core code could deadlock because async_schedule_dev() sometimes runs the argument synchronously and may contend for a mutex; this could cause ordering issues in resume call...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2024/02/29 3:52 p.m.25 views

CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...

7.6AI score0.00238EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/02/29 3:52 p.m.19 views

CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...

6.8AI score0.00238EPSS
Exploits0References6
OSV
OSV
added 2024/02/29 3:52 p.m.5 views

CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because asyncscheduledev executes its argument function synchronously if it...

5.5CVSS5.7AI score0.00238EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2024/02/14 9:33 p.m.27 views

CVE-2024-24259

A memory leak flaw was found in the glutAddMenuEntry function of freeglut, an open-source alternative to the OpenGL Utility Toolkit. This issue may allow an attacker to launch a denial of service attack by crashing or hanging the program or take advantage of other unexpected program behavior...

5.3CVSS7.1AI score0.01147EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/02/14 9:33 p.m.28 views

CVE-2024-24258

A memory leak flaw was found in the glutAddSubMenu function of freeglut, an open-source alternative to the OpenGL Utility Toolkit. This flaw allows an attacker to launch a denial of service attack by crashing or hanging the program or taking advantage of other unexpected program behavior resultin...

5.3CVSS7.1AI score0.01147EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/01/22 12:0 a.m.51 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : libssh vulnerabilities (USN-6592-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-1 advisory. It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possib...

5.3CVSS7.1AI score0.01421EPSS
Exploits0References3
OSV
OSV
added 2024/01/12 11:6 a.m.5 views

OESA-2024-1042 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

5.3CVSS7.1AI score0.01421EPSS
Exploits0References2
Veracode
Veracode
added 2023/12/19 1:59 p.m.30 views

Denial Of Service (DoS)

libssh is vulnerable to Denial Of Service DoS. The vulnerability is due to a lack of proper validation and checking of return values in the abstract layer for message digest MD operations implemented by different supported crypto backends. This could lead to low-memory failures and potentially...

5.3CVSS7AI score0.01421EPSS
Exploits0References9Affected Software2
UbuntuCve
UbuntuCve
added 2023/12/19 12:15 a.m.46 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.7AI score0.01421EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.49 views

Slackware Linux 14.2 / 15.0 / current libssh Multiple Vulnerabilities (SSA:2023-353-01)

The version of libssh installed on the remote host is prior to 0.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-353-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References4
Cvelist
Cvelist
added 2023/12/18 11:27 p.m.40 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6AI score0.01421EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/12/18 11:27 p.m.64 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6AI score0.01421EPSS
Exploits0
CVE
CVE
added 2023/12/18 11:27 p.m.445 views

CVE-2023-6918

CVE-2023-6918 affects the libssh library where MD operation backends do not properly check return values, potentially causing low-memory failures, NULL dereferences, crashes, or using uninitialized memory as input to the KDF. This can lead to non-matching keys resulting in decryption/integrity fa...

5.3CVSS5.7AI score0.01421EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2023/12/18 11:27 p.m.48 views

CVE-2023-6918

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

5.3CVSS6.2AI score0.01421EPSS
Exploits0
OSV
OSV
added 2023/12/18 11:27 p.m.25 views

CVE-2023-6918 Libssh: missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

3.7CVSS6.6AI score0.01421EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2023/10/16 9:0 a.m.61 views

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References3
RedHat Linux
RedHat Linux
added 2023/09/19 3:9 p.m.161 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS7.2AI score0.54577EPSS
Exploits8References9
AlmaLinux
AlmaLinux
added 2023/09/19 12:0 a.m.66 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipvlan: out-of-bounds write caused by unclear skb-cb CVE-2023-3090 kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests...

7.8CVSS7.4AI score0.05794EPSS
Exploits7References18
Rows per page
Query Builder