Lucene search
+L

9 matches found

SUSE CVE
SUSE CVE
added 2025/02/14 6:57 a.m.3 views

SUSE CVE-2023-3390

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

7.8CVSS6.2AI score0.00871EPSS
Exploits0References33
Vulnrichment
Vulnrichment
added 2024/11/15 12:0 a.m.11 views

CVE-2024-23169

The web interface in RSA NetWitness 11.7.2.0 allows Cross-Site Scripting XSS via the Where textbox on the Reports screen during new rule creation...

6AI score0.00269EPSS
Exploits0References2
CVE
CVE
added 2024/11/15 12:0 a.m.58 views

CVE-2024-23169

The CVE-2024-23169 vulnerability affects RSA NetWitness Platform (NetWitness) 11.7.2.0, where the web interface allows Cross-Site Scripting (XSS) via the Where textbox on the Reports screen during new rule creation. The available connected documents confirm the affected product and the specific U...

4.6CVSS6AI score0.00269EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/09/12 11:7 a.m.4 views

kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE

A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/09/12 9:56 a.m.4 views

kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE

A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/09/12 9:53 a.m.7 views

kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE

A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/07/13 12:0 a.m.4 views

The vulnerability of the Netfilter subsystem in Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Netfilter subsystem in Linux operating systems is related to the use of memory after it is freed during the processing of the NFTMSGNEWRULE parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

7.8CVSS6.6AI score0.00871EPSS
Exploits0References43Affected Software7
OSV
OSV
added 2023/06/28 9:15 p.m.3 views

UBUNTU-CVE-2023-3390

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

7.8CVSS6.6AI score0.00871EPSS
Exploits0References14
Huntr
Huntr
added 2022/02/18 1:27 p.m.21 views

Cross-site Scripting (XSS) - Stored

Stored-xss is possible when adding a rule. Create a new Alert Rule like below and adjust the query like below with the following payload " Save the rule and see a xss-pop up...

3.5CVSS1.4AI score0.00613EPSS
Exploits1
Rows per page
Query Builder