Lucene search
K

1923 matches found

SUSE CVE
SUSE CVE
added 2024/07/18 3:6 a.m.6 views

SUSE CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

5.5CVSS6.5AI score0.00263EPSS
Exploits0References13
OSV
OSV
added 2024/07/16 12:15 p.m.1 views

DEBIAN-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

7.1CVSS5.8AI score0.00263EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 12:15 p.m.9 views

UBUNTU-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

7.1CVSS6.7AI score0.00263EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/07/16 11:43 a.m.33 views

CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX

In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...

0.00281EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/07/16 2:34 a.m.4 views

SUSE CVE-2024-40917

In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...

5.5CVSS7.2AI score0.00264EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/07/16 2:34 a.m.11 views

SUSE CVE-2024-40990

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...

5.5CVSS6.6AI score0.0027EPSS
Exploits0References16
Citrix
Citrix
added 2024/07/13 12:0 a.m.17 views

How to Find Maximum Size of IP Data Payload that can Traverse WAN Environment Without Fragmentation

Citrix SD-WAN, formerly NetScaler SD-WAN This article describes how to find out the maximum size of IP data payload that can traverse a WAN environment without fragmentation. Background The CloudBridge acceleration parameters are sent through TCP options, which use the space in the IP data payloa...

7.1AI score
Exploits0
OSV
OSV
added 2024/07/12 4:15 p.m.1 views

UBUNTU-CVE-2024-39917

xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...

9.8CVSS5.8AI score0.00602EPSS
Exploits0References4
OSV
OSV
added 2024/07/12 1:55 p.m.18 views

SUSE-SU-2024:2463-1 Security update for squashfs

This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...

8.1CVSS7.7AI score0.0691EPSS
Exploits2References8
OSV
OSV
added 2024/07/12 1:15 p.m.2 views

DEBIAN-CVE-2024-40990

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...

5.5CVSS5.5AI score0.0027EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.4 views

DEBIAN-CVE-2024-40917

In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...

5.5CVSS5.3AI score0.00264EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/07/12 1:15 p.m.25 views

CVE-2024-40990

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...

5.5CVSS6.4AI score0.0027EPSS
Exploits0References21
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

UBUNTU-CVE-2024-40917

In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...

5.5CVSS5.8AI score0.00264EPSS
Exploits0References12
OSV
OSV
added 2024/07/12 1:15 p.m.2 views

UBUNTU-CVE-2024-40990

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...

5.5CVSS6.1AI score0.0027EPSS
Exploits0References22
CVE
CVE
added 2024/07/12 12:37 p.m.115 views

CVE-2024-40990

The CVE-2024-40990 issue is a Linux kernel vulnerability in RDMA/mlx5 where the srq max_sge attribute, supplied by users, was inserted/used without proper bounds checks. The fix adds verification against the maximum allowed value before use, addressing potential overflow/abuse locally. Applicable...

5.5CVSS6.7AI score0.0027EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.5 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the memblock component failing to properly warn about the use of MAXNUMNODES when setting up nodes...

5.5CVSS8.2AI score0.00264EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.5 views

xrdp security vulnerability

xrdp is an open source remote desktop protocol server from neutrinolabs open source. A security vulnerability exists in xrdp versions prior to 0.10.0 that stems from an invalid limit on the configuration parameter for the maximum number of login attempts, allowing an attacker to make unlimited...

9.8CVSS6.8AI score0.00602EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.3 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/mlx5 component failing to check if the value of the maxsge attribute of an SRQ exceeds the maximum...

5.5CVSS8.2AI score0.0027EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.4 views

PT-2024-29801 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from a change in how the maximum segment size is handled, specifically in the sdhci component. The function blk queue max segment size ensures that the maximum size is...

7.5CVSS6.4AI score0.00182EPSS
Exploits0References14
VMware
VMware
added 2024/07/10 12:0 a.m.14 views

VMSA-2024-0017: VMware Aria Automation updates address SQL-injection vulnerability (CVE-2024-22280)

Advisory ID: | VMSA-2024-0017 ---|--- Advisory Severity: | Important CVSSv3 Range: | 8.5 Synopsis: | VMware Aria Automation updates address SQL-injection vulnerability CVE-2024-22280 Issue date: | 2024-07-10 Updated on: | 2024-07-10 CVEs | CVE-2024-22280 1. Impacted Products VMware Aria Automatio...

8.5CVSS7.9AI score0.00472EPSS
Exploits0References8Affected Software2
Rows per page
Query Builder