1907 matches found

Debian CVE
added 2025/02/26 2:13 a.m. | 9 views

CVE-2022-49522

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

CVSS 5.5 | AI score 5.6 | EPSS 0.00241
Exploits: 0
CNNVD
added 2025/02/26 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the qca8k switch not resetting the cpu port when the MTU is changed...

CVSS 5.5 | AI score 5.2 | EPSS 0.00237
Exploits: 0 | References: 4
CNNVD
added 2025/02/26 12:0 a.m. | 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not limiting the maximum segment size based on the capabilities of the DMA engine, which could result in a DMA...

CVSS 5.5 | AI score 5.5 | EPSS 0.00241
Exploits: 0 | References: 7
Tenable Nessus
added 2025/02/26 12:0 a.m. | 17 views

Amazon Linux 2 : python-jwcrypto (ALAS-2025-2763)

The version of python-jwcrypto installed on the remote host is prior to 0.4.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2763 advisory. JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cau...

CVSS 6.8 | AI score 6.2 | EPSS 0.0098
Exploits: 1 | References: 4
Positive Technologies
added 2025/02/26 12:0 a.m. | 9 views

PT-2025-8660 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A signed integer overflow issue has been identified in the Linux kernel, specifically in the ipv6 component, related to the l2tp ip6 sendmsg function. This occurs when the length len i...

CVSS 7.8 | AI score 8 | EPSS 0.93838
Exploits: 13 | References: 491
Amazon
added 2025/02/25 12:0 a.m. | 7 views

Medium: python-jwcrypto

Issue Overview: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot o...

CVSS 6.8 | AI score 6.7 | EPSS 0.0098
Exploits: 1
Positive Technologies
added 2025/02/21 12:0 a.m. | 3 views

PT-2025-47992

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.0.13 MongoDB Server versions prior to 8.1.2 Description MongoDB Server may encounter an invariant failure during batched delete operations when processing documents. Th...

CVSS 7.5 | AI score 6.6 | EPSS 0.00252
Exploits: 0 | References: 14
SUSE CVE
added 2025/02/14 6:31 a.m. | 6 views

SUSE CVE-2023-28709

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted...

CVSS 7.5 | AI score 8.7 | EPSS 0.51547
Exploits: 1 | References: 9
AstraLinux
added 2025/02/11 7:35 a.m. | 2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Added a check for the srqmaxsge attribute. The maxsge attribute is passed by the user and is inserted and used unchecked. Therefore, ensure that the value does not exceed the maximum allowed value before using it...

CVSS 5.5 | AI score 6.1 | EPSS 0.0027
Exploits: 0 | References: 3
AstraLinux
added 2025/02/11 7:35 a.m. | 4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: kirin – A buffer overflow issue was addressed in kirinpcieparseport. Within kirinpcieparseport, the value of pcie-numslots is compared to pcie-gpioidreset.size which is equal to MAXPCISLOTS. This comparison is correct;...

CVSS 7.8 | AI score 6.8 | EPSS 0.00232
Exploits: 0 | References: 3
AstraLinux
added 2025/02/11 7:35 a.m. | 3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: Consider the NULL character when validating the event length. strlen returns the length of a string excluding the null byte. If the string length equals the maximum buffer length, there will be no space left in the buffe...

CVSS 7.8 | AI score 5.8 | EPSS 0.00249
Exploits: 0 | References: 3
AstraLinux
added 2025/02/11 7:35 a.m. | 4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Avoid overflows in the dirty throttling logic. The dirty throttling logic relies on assumptions that dirty limits in PAGESIZE units fit within 32-bit boundaries so that various calculations can be performed within 64 bits. If...

CVSS 4.4 | AI score 5.7 | EPSS 0.00244
Exploits: 0 | References: 3
OpenVAS
added 2025/02/11 12:0 a.m. | 6 views

Ubuntu: Security Advisory (USN-7206-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7 | EPSS 0.72059
Exploits: 8 | References: 3
RedhatCVE
added 2025/02/05 7:45 p.m. | 13 views

CVE-2022-40725

PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated...

CVSS 7.3 | AI score 6.8 | EPSS 0.00187
Exploits: 0 | References: 1
OpenVAS
added 2025/02/05 12:0 a.m. | 8 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-1106)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.8 | EPSS 0.01686
Exploits: 0 | References: 2
Positive Technologies
added 2025/02/02 12:0 a.m. | 5 views

PT-2025-20625

Name of the Vulnerable Software and Affected Versions run-llama/llama index version latestv0.12.15 Description A Denial of Service DoS issue has been identified in the KnowledgeBaseWebReader class due to inadequate secure coding practices. Specifically, the lack of proper implementation of the ma...

CVSS 7.8 | AI score 6.4 | EPSS 0.00438
Exploits: 1 | References: 15
SUSE CVE
added 2025/01/22 3:48 a.m. | 1 views

SUSE CVE-2024-57938

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

CVSS 5.5 | AI score 7.9 | EPSS 0.00207
Exploits: 0 | References: 14
RedHat Linux
added 2025/01/21 5:55 p.m. | 30 views

Moderate: Red Hat Security Advisory: JBoss EAP XP 5.0 Update 1.0 release. See references for release notes.

JBoss EAP XP 5.0 Update 1.0 release. See references for release notes. JBoss EAP XP 5.0 Update 1.0 GA release. See references for release notes. Security Fixes: io.vertx/vertx-grpc: Vertx gRPC server does not limit the maximum message size CVE-2024-8391 For more details about the security issues,...

CVSS 7.5 | AI score 7.1 | EPSS 0.0058
Exploits: 0 | References: 26
RedhatCVE
added 2025/01/21 2:21 p.m. | 8 views

CVE-2024-57936

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix max SGEs for the Work Request Gen P7 supports up to 13 SGEs for now. WQE software structure can hold only 6 now. Since the max send sge is reported as 13, the stack can give requests up to 13 SGEs. This is causin...

CVSS 5.5 | AI score 7 | EPSS 0.00195
Exploits: 0 | References: 4
OSV
added 2025/01/21 12:15 p.m. | 10 views

AZL-55901 CVE-2024-57938 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctpassociationinit While by default maxautoclose equals to INTMAX / HZ, one may set net.sctp.maxautoclose to UINTMAX. There is code in sctpassociationinit that can consequently...

CVSS 5.5 | AI score 5.8 | EPSS 0.00207
Exploits: 0 | References: 1