Lucene search
K

87 matches found

Cvelist
Cvelist
added 2024/10/21 7:39 p.m.17 views

CVE-2024-50046 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42completecopies On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the...

0.00243EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/07/27 5:47 a.m.19 views

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

Cybersecurity researchers have discovered a malicious package on the Python Package Index PyPI repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads...

6.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/30 3:29 p.m.23 views

CVE-2024-36926 powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...

6.8AI score0.00241EPSS
Exploits0References4
CVE
CVE
added 2024/05/30 3:29 p.m.182 views

CVE-2024-36926

CVE-2024-36926 affects the Linux kernel on PowerPC pseries hardware, where LPARs boot with a frozen PE may lack the ibm,dma-window property. This can cause a NULL pointer dereference while configuring PCI, leading to an oops/panic during boot. The vulnerability is described with kernel traces (pc...

6.2CVSS7AI score0.00241EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2024/05/23 11:6 a.m.26 views

CVE-2021-47465

A possible stack corruption flaw was found in the Linux kernel in idlekvmstartguest. This issue may lead to compromised availability...

4.4CVSS7.7AI score0.00224EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47337

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...

5.5CVSS6AI score0.0024EPSS
Exploits0References10
Patchstack
Patchstack
added 2024/05/02 6:33 a.m.7 views

WordPress Float menu plugin < 6.0.1 - Menu Deletion via CSRF vulnerability

Menu Deletion via CSRF vulnerability discovered by Erwan LR WPScan in WordPress Plugin Float menu versions 6.0.1...

4.5CVSS7AI score0.0028EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/01 5:27 a.m.61 views

CVE-2024-26989 arm64: hibernate: Fix level3 translation fault in swsusp_save()

In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave On arm64 machines, swsuspsave faults if it attempts to access MEMBLOCKNOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off...

6.4AI score0.00238EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/04/24 8:35 a.m.5 views

WordPress WooCommerce Customers Manager plugin < 29.8 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin WooCommerce Customers Manager versions 29.8...

5.9CVSS6.4AI score0.00315EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2024/04/17 6:55 p.m.42 views

CVE-2024-26877

A vulnerability was found in the Linux kernel's Xilinx crypto driver. This issue is caused by failing to disable bottom halves BH when calling the cryptofinalizerequest function, leading to potential system warnings and call traces. Mitigation Mitigation for this issue is either not available or...

4.4CVSS8.2AI score0.00231EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/17 10:27 a.m.17 views

CVE-2024-26877 crypto: xilinx - call finalize with bh disabled

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling cryptofinalizerequest, BH should be disabled to avoid triggering the following calltrace: ------------ cut here ------------ WARNING: CPU: 2 PID: 74 at...

6.7AI score0.00231EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/04/17 10:14 a.m.21 views

CVE-2024-26847 powerpc/rtas: use correct function name for resetting TCE tables

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

6.9AI score0.0024EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/17 10:14 a.m.33 views

CVE-2024-26847 powerpc/rtas: use correct function name for resetting TCE tables

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-windows" but in practice firmware uses the singular form: "ibm,reset-pe-dma-window" in the device tree...

6.8AI score0.0024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/04/13 2:10 a.m.2 views

SUSE CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

5.9CVSS7.1AI score0.00991EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/04/05 8:51 p.m.33 views

CVE-2024-31852

A miscompile flaw was found in LLVM. In certain conditions, the LR register can be overwritten without data being saved to the stack, which can lead to an exploitable error in the compiled code. This affects the ARM backend and can be demonstrated with Clang. Mitigation Mitigation for this issue ...

4.2CVSS6AI score0.00991EPSS
Exploits0References3
OSV
OSV
added 2024/04/05 3:15 p.m.7 views

AZL-39830 CVE-2024-31852 affecting package clang16 for versions less than 16.0.0-1

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

5.9CVSS6.4AI score0.00991EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/05 12:0 a.m.26 views

CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

6.8AI score0.00991EPSS
Exploits0References4
OSV
OSV
added 2024/04/05 12:0 a.m.31 views

CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

5.9CVSS7.2AI score0.00991EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/01 8:32 a.m.3 views

WordPress WooCommerce Product Filter plugin < 1.4.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin Themify – WooCommerce Product Filter versions 1.4.4...

4.8CVSS6.4AI score0.00402EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/01 8:32 a.m.5 views

WordPress WooCommerce Product Filter plugin < 1.4.4 - Filter Deletion via CSRF vulnerability

Filter Deletion via CSRF vulnerability discovered by Erwan LR WPScan in WordPress Plugin Themify – WooCommerce Product Filter versions 1.4.4...

4.7CVSS7AI score0.00237EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder