Lucene search
K

1907 matches found

NVD
NVD
added 2025/01/08 6:15 p.m.9 views

CVE-2024-56783

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

5.5CVSS0.002EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/08 5:51 p.m.12 views

CVE-2024-56783 netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

0.002EPSS
Exploits0References4
OSV
OSV
added 2025/01/08 5:51 p.m.7 views

CVE-2024-56783 netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

5.5CVSS6AI score0.002EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/01/02 2:38 p.m.1 views

CVE-2022-49035 media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE

In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msg.len to CECMAXMSGSIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case...

7.5AI score0.00203EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-34413

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to out-of-boundary access within the f2fs filesystem when handling device paths. Specifically, if the device path length reaches MAX PATH LEN,...

7.1CVSS7AI score0.00164EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/12/28 12:0 a.m.4 views

PT-2024-37005 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the kfd get cu occupancy function, which previously declared a large cu occupancy array as a local variable. This could lead to stack overflows due to excessive stac...

7.8CVSS6.2AI score0.00212EPSS
Exploits0References9
OSV
OSV
added 2024/12/27 2:15 p.m.7 views

AZL-56250 CVE-2024-56544 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.2 views

DEBIAN-CVE-2024-53225

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/27 1:50 p.m.2 views

CVE-2024-53225 iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

6AI score0.00193EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/12/27 6:46 a.m.20 views

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

The Apache Software Foundation ASF has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046 , the vulnerability carries a CVSS score of 10.0. It...

10CVSS10AI score0.78198EPSS
Exploits28
SUSE CVE
SUSE CVE
added 2024/12/27 12:17 a.m.3 views

SUSE CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

5.5CVSS6.6AI score0.00213EPSS
Exploits0References3
OSV
OSV
added 2024/12/24 12:15 p.m.5 views

AZL-54960 CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

5.5CVSS6.7AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2024/12/24 12:15 p.m.2 views

DEBIAN-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

5.5CVSS5.5AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2024/12/24 12:15 p.m.1 views

UBUNTU-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

5.5CVSS6.2AI score0.00213EPSS
Exploits0References44
Vulnrichment
Vulnrichment
added 2024/12/24 11:28 a.m.5 views

CVE-2024-53145 um: Fix potential integer overflow during physmem setup

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

7.7AI score0.00213EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/12/11 4:21 p.m.2 views

kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that dev-hardheaderlen is zero, and we attempt later to push an Ethernet header. U...

5.5CVSS6.8AI score0.0023EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/09 11:32 a.m.24 views

CVE-2024-54227 WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Dotstore Minimum and Maximum Quantity for WooCommerce min-and-max-quantity-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through = 2.0.0...

4.3CVSS0.00376EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.2 views

WordPress plugin Minimum and Maximum Quantity for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

4.3CVSS8.2AI score0.00376EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/05 7:46 p.m.2 views

WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Minimum and Maximum Quantity for WooCommerce versions = 2.0.0...

4.3CVSS7AI score0.00376EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/12/05 12:0 a.m.52 views

CVE-2024-38920

CVE-2024-38920 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, describing a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic parameter /amcl max_beams, enabling network-based attack with no user interaction. The CVSS 3...

9.1CVSS7.2AI score0.00508EPSS
Exploits0References3
Rows per page
Query Builder