Lucene search
+L

385 matches found

redhat
redhat
added 2024/01/02 8:5 a.m.6 views

Mozilla: Use-after-free in PR_GetIdentitiesLayer

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...

8.8CVSS7.3AI score0.01092EPSS
Exploits0References6
redhat
redhat
added 2024/01/02 7:46 a.m.4 views

Mozilla: Use-after-free in PR_GetIdentitiesLayer

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...

8.8CVSS7.3AI score0.01092EPSS
Exploits0References6
veracode
veracode
added 2023/12/25 2:49 a.m.23 views

Use After Free

Firefox is vulnerable to Use After Free. The vulnerability is caused while creating TLS socket under memory pressure. This can lead to compromising Confidentiality, Integrity and Availability of the system...

8.8CVSS6.8AI score0.01092EPSS
Exploits0References10Affected Software3
redhatcve
redhatcve
added 2023/12/20 11:34 a.m.26 views

CVE-2023-6859

The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free condition affected TLS socket creation when under memory pressure...

8.8CVSS6.9AI score0.01092EPSS
Exploits0References5
susecve
susecve
added 2023/12/20 2:9 a.m.4 views

SUSE CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS8.8AI score0.01092EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2023/12/20 12:0 a.m.26 views

CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS7.2AI score0.01092EPSS
Exploits0References10
osv
osv
added 2023/12/20 12:0 a.m.3 views

UBUNTU-CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS7.3AI score0.01092EPSS
Exploits0References11
osv
osv
added 2023/12/19 2:15 p.m.2 views

DEBIAN-CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS8AI score0.01092EPSS
Exploits0References1
prion
prion
added 2023/12/19 2:15 p.m.26 views

Race condition

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.8CVSS6.4AI score0.01092EPSS
Exploits0References9Affected Software4
cve
cve
added 2023/12/19 1:38 p.m.146 views

CVE-2023-6859

CVE-2023-6859 is a memory-safety vulnerability described as a use-after-free affecting TLS socket creation under memory pressure. Affected products include Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox

8.8CVSS8.3AI score0.01092EPSS
Exploits0References9Affected Software3
alpinelinux
alpinelinux
added 2023/12/19 1:38 p.m.21 views

CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS8.6AI score0.01092EPSS
Exploits0
susecve
susecve
added 2023/09/20 11:26 p.m.6 views

SUSE CVE-2023-34322

For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...

7.5CVSS7.8AI score0.0023EPSS
Exploits0References20
susecve
susecve
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-1920

Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module XSM is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to injec...

4.4CVSS7AI score0.00401EPSS
Exploits0References9
susecve
susecve
added 2023/02/15 5:36 a.m.5 views

SUSE CVE-2013-4371

Use-after-free vulnerability in the libxllistcpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service heap corruption and crash...

4.4CVSS7.5AI score0.00402EPSS
Exploits0References5
redhat
redhat
added 2022/11/21 12:40 p.m.6 views

expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions...

7.5CVSS6.7AI score0.0226EPSS
Exploits1References5
osv
osv
added 2022/11/04 11:4 a.m.5 views

OESA-2022-2037 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in...

7.5CVSS9.2AI score0.0226EPSS
Exploits1References2
openvas
openvas
added 2022/08/26 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-2442-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.08579EPSS
Exploits5References2
osv
osv
added 2022/07/20 3:15 p.m.4 views

CVE-2022-22209

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service DoS. On all Junos platforms, the Kernel Routing Table KRT queue can get stuck due to a memory leak triggered ...

7.5CVSS5.8AI score0.00873EPSS
Exploits1References1
attackerkb
attackerkb
added 2022/07/13 4:0 p.m.8 views

CVE-2022-22209

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service DoS. On all Junos platforms, the Kernel Routing Table KRT queue can get stuck due to a memory leak triggered ...

7.5CVSS7.1AI score0.00873EPSS
Exploits1References2Affected Software1
mskb
mskb
added 2021/10/12 12:0 a.m.5 views

October 12, 2021-KB5005539 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2, and Windows Version 21H1

None None...

6.1AI score
Exploits0
Rows per page
Query Builder