Lucene search
K

112 matches found

OSV
OSV
added 2024/10/21 1:15 p.m.3 views

DEBIAN-CVE-2024-49861

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 1:15 p.m.1 views

UBUNTU-CVE-2024-49861

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

7.1CVSS6.3AI score0.00222EPSS
Exploits0References22
Amazon
Amazon
added 2024/09/04 12:0 a.m.8 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise numphys CVE-2024-42159 In the Linux kernel, the following...

7.8CVSS7.3AI score0.0032EPSS
Exploits3
Amazon
Amazon
added 2024/05/03 12:0 a.m.6 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-52620 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocatefra...

7.8CVSS7.1AI score0.00992EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/03/18 10:19 a.m.20 views

CVE-2023-52619 pstore/ram: Fix crash when setting number of cpus to an odd number

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will become: addr of zone0 =...

6.7AI score0.00243EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...

5.7AI score0.00167EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/10/03 5:54 p.m.24 views

K000137107: Crypto++ vulnerability CVE-2022-48570

Security Advisory Description Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-143...

7.5CVSS5.9AI score0.00823EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.3 views

SUSE CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

5.3CVSS6.6AI score0.02285EPSS
Exploits1References7
OSV
OSV
added 2023/01/06 11:4 a.m.3 views

OESA-2023-1009 ImageMagick security update

Security Fixes: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to...

7.8CVSS6.9AI score0.01327EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.8AI score0.04703EPSS
Exploits0References2
OSV
OSV
added 2021/11/24 1:15 a.m.2 views

ALPINE-CVE-2021-28704

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

8.8CVSS7.3AI score0.00328EPSS
Exploits0References1
Prion
Prion
added 2021/11/24 1:15 a.m.30 views

Design/Logic Flaw

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

6.9CVSS8.5AI score0.00348EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2019/12/10 1:49 p.m.4 views

USN-4218-1 eglibc vulnerability

Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

9.8CVSS7.5AI score0.04778EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2019/12/10 1:49 p.m.65 views

USN-4218-1: GNU C Library vulnerability

Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

9.8CVSS8AI score0.04778EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.28 views

EulerOS 2.0 SP2 : zziplib (EulerOS-SA-2019-2478)

According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The zziplib is a lightweight library to easily extract data from zip files.Security Fixes:An issue was discovered in ZZIPlib through 0.13.69...

6.5CVSS6.1AI score0.02854EPSS
Exploits13References14
Veracode
Veracode
added 2018/02/01 8:27 a.m.22 views

Denial Of Service (DoS)

ZZIPlib is vulnerable to denial of service DoS attacks. The library contains a memory alignment error and bus error in the zzip/zip.c file, allowing a malicious user to pass a zip file to the application to cause it to crash...

6.5CVSS6AI score0.02285EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2018/02/01 5:29 a.m.20 views

Design/Logic Flaw

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

4.3CVSS6.1AI score0.02285EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2018/02/01 5:29 a.m.24 views

CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

6.5CVSS6.5AI score
Exploits0References3
NVD
NVD
added 2018/02/01 5:29 a.m.15 views

CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

6.5CVSS5.6AI score0.02285EPSS
Exploits1References3
OSV
OSV
added 2018/02/01 5:29 a.m.1 views

DEBIAN-CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

6.5CVSS5.5AI score0.02285EPSS
Exploits1References1
Rows per page
Query Builder