Lucene search
+L

205 matches found

RedhatCVE
RedhatCVE
added 2024/02/09 2:59 a.m.36 views

CVE-2023-3966

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

7.5CVSS6.8AI score0.01033EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/08 12:0 a.m.28 views

CVE-2023-3966

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

7.5CVSS6.7AI score0.01033EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2024/01/08 12:0 a.m.489 views

io_uring __io_uaddr_map() Dangerous Multi-Page Handling

iouring: iouaddrmap handles multi-page region dangerously iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. A comment in iouaddrmap explains that the imported...

5.5CVSS7.4AI score0.00282EPSS
Exploits3
OpenVAS
OpenVAS
added 2023/11/28 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2023:4586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.01381EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/11/27 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2023:4543-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.01381EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/03/24 10:0 p.m.23 views

Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses

Impact An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmmsysutil::fam::FamStructWrapper, which can lead to out of bounds memory accesses. Patches The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserti...

7.5CVSS7.3AI score0.00556EPSS
Exploits0References7Affected Software1
RustSec
RustSec
added 2023/03/24 12:0 p.m.50 views

`Versionize::deserialize` implementation for `FamStructWrapper<T>` is lacking bound checks, potentially leading to out of bounds memory accesses

An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmmsysutil::fam::FamStructWrapper, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that...

7.5CVSS6.7AI score0.00556EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.35 views

K38456756: Kernel vulnerability CVE-2018-18445

Security Advisory Description In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...

7.8CVSS5.8AI score0.00533EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.31 views

K13323323: iRules LX vulnerability CVE-2021-22973

Security Advisory Description JSON parser function does not protect against out-of-bounds memory accesses or writes. CVE-2021-22973 Impact The Traffic Management Microkernel TMM may exit and restart while processing JSON payload with iRules LX commands, leading to a failover event. Security...

7.5CVSS6.4AI score0.00988EPSS
Exploits0Affected Software11
Prion
Prion
added 2022/12/15 11:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses typically, an untrusted operating system attacking a secure enclave can recover an RSA private key after observing the victim performing a single...

2.6CVSS5.3AI score0.00787EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.45 views

CVE-2022-46392

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses typically, an untrusted operating system attacking a secure enclave can recover an RSA private key after observing the victim performing a single...

5.7AI score0.00787EPSS
Exploits0References4
OSV
OSV
added 2022/12/15 12:0 a.m.25 views

CVE-2022-46392

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses typically, an untrusted operating system attacking a secure enclave can recover an RSA private key after observing the victim performing a single...

5.3CVSS5.1AI score0.00787EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2022/12/15 12:0 a.m.61 views

CVE-2022-46392

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses typically, an untrusted operating system attacking a secure enclave can recover an RSA private key after observing the victim performing a single...

5.3CVSS5.1AI score0.00787EPSS
Exploits0
Debian
Debian
added 2022/11/30 8:58 p.m.28 views

[SECURITY] [DLA 3214-1] libraw security update

Debian LTS Advisory DLA-3214-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne November 30, 2022 https://wiki.debian.org/LTS Package : libraw Version : 0.19.2-2+deb10u2 CVE ID : CVE-2020-15503 This update adds size checks to thumbnail extraction. Prior to these...

7.5CVSS6.7AI score0.03672EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.75 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0.1.6)

The version of AOS installed on the remote host is prior to 6.0.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0.1.6 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way i...

8.3CVSS7.4AI score0.78684EPSS
Exploits26References9
Xen Project
Xen Project
added 2022/06/09 12:0 p.m.69 views

x86 pv: Insufficient care with non-coherent mappings

ISSUE DESCRIPTION Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's...

7.2CVSS0.7AI score0.00494EPSS
Exploits3Affected Software1
NVD
NVD
added 2022/05/12 6:16 p.m.27 views

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses...

7.8CVSS0.00229EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/12 5:7 p.m.29 views

CVE-2021-26369

A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses...

7.7AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2022/04/24 10:52 p.m.8 views

GSD-2022-1002479 netlabel: fix out-of-bounds memory accesses

netlabel: fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.163 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:9 p.m.8 views

GSD-2022-1001389 netlabel: fix out-of-bounds memory accesses

netlabel: fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.0 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder