Lucene search
K

290 matches found

ATTACKERKB
ATTACKERKB
added 2025/07/25 3:27 p.m.5 views

CVE-2025-38446

In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4, clkregister occurs an out-of-bounds when accessing parentnames member. Use ARRAYSIZE instead of hardcode number here. BUG: KASAN:...

7.1CVSS5.8AI score0.00149EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/03 8:15 a.m.1 views

DEBIAN-CVE-2025-38095

In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating numfences smpstoremb inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference can be happened if memory...

5.5CVSS5.5AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from dma-buf not inserting a memory barrier before updating numfences, which could result in a null pointer dereferen...

5.5CVSS6.9AI score0.00167EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: corrected the incorrect validation of the numaces field in smbacl. parsedcal now validates numaces to allocate an array of posixacestatearray. If numaces is greater than ULONGMAX / sizeofstruct smbace++, it results in a...

5.5CVSS6.4AI score0.00178EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dma-buf: A memory barrier should be inserted before updating numfences. smpstoremb inserts a memory barrier after storing data. This differs from what the comment originally intended; a null pointer dereferencing can occur if the...

5.5CVSS6AI score0.00167EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/15 12:0 a.m.3 views

board-stm32f103rc-berial 安全漏洞

board-stm32f103rc-berial is an application by uyk personal developer. A security vulnerability exists in board-stm32f103rc-berial, which originates from a stack buffer overflow due to the incorrect operation of parameter num in file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1hal.c...

5.5CVSS5.8AI score0.00272EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.5 views

CVE-2024-37622

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting XSS vulnerability via the num parameter at /flow/flow.php...

6.1CVSS5.8AI score0.0027EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 a.m.7 views

CVE-2012-2741

Cross-site scripting XSS vulnerability in publichtml/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action...

4.3CVSS5.8AI score0.02863EPSS
Exploits1References1
OSV
OSV
added 2025/05/20 5:15 p.m.5 views

UBUNTU-CVE-2025-37975

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

7.1CVSS6.2AI score0.0015EPSS
Exploits0References25
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.4 views

Ensure That Rotation Is Enabled for Audit Logs

maxlogfileaction decides the action taken when the size of a log file reaches the upper limit. By default, ROTATE is configured in openEuler, indicating that a new log file is created when the size of a log file reaches the upper limit and the original log file is not deleted. numlogs specifies t...

6.8AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/04/18 11:19 p.m.3 views

SUSE CVE-2025-39728

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

5.5CVSS7.7AI score0.00227EPSS
Exploits0References15
OSV
OSV
added 2025/04/02 2:16 p.m.2 views

DEBIAN-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

5.5CVSS5.9AI score0.00178EPSS
Exploits0References1
OSV
OSV
added 2025/04/02 2:16 p.m.2 views

UBUNTU-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

5.5CVSS6.3AI score0.00178EPSS
Exploits0References39
CVE
CVE
added 2025/04/02 2:0 p.m.144 views

CVE-2025-21994

CVE-2025-21994 is a Linux kernel vulnerability in the ksmbd module where validation for the num_aces field of smb_acl was incorrect. The advisory notes that parse_dcal() should verify num_aces using the actual buffer size (smb_acl->size) rather than checking against a calculation that could al...

5.5CVSS7.2AI score0.00178EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/30 12:0 a.m.4 views

The vulnerability of the audio_element_obu() function in the libavformat library of the Ffmpeg multimedia environment allows a hacker to induce a service failure.

The vulnerability of the audioelementobu function in the libavformat library of the Ffmpeg multimedia environment is related to improper memory release before deleting the last reference „memory leak“ when processing the numparameters parameter. Exploiting this vulnerability can allow an attacker...

5CVSS5.8AI score0.00505EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2025/03/27 5:15 p.m.5 views

UBUNTU-CVE-2022-49761

In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedref failure, but if end users hit such problem, there will be no chance that btrfsdebug is enabled. This can lead to very little usefu...

7.8CVSS6.1AI score0.00182EPSS
Exploits0References7
OSV
OSV
added 2025/03/02 2:15 p.m.3 views

DEBIAN-CVE-2025-1816

A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...

5.3CVSS4.4AI score0.00505EPSS
Exploits0References1
OSV
OSV
added 2025/03/02 2:15 p.m.2 views

UBUNTU-CVE-2025-1816

A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...

5.3CVSS5AI score0.00505EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/02/27 3:14 a.m.5 views

SUSE CVE-2021-47650

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

5.5CVSS7.6AI score0.00239EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.3 views

SUSE CVE-2022-49145

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing CPC data If the NumEntries field in the CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then...

4.4CVSS7.5AI score0.00264EPSS
Exploits0References10
Rows per page
Query Builder