Lucene search
K

22 matches found

Cvelist
Cvelist
added 2026/05/27 12:18 p.m.37 views

CVE-2026-45979 drm/amdgpu: clean up the amdgpu_cs_parser_bos

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...

0.00107EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftobjtypeget. The function nftunregisterobj can occur concurrently with nftobjtypeget. There is no protection when iterating over the nftablesobjects list in nftobjtypeget...

4.7CVSS6.5AI score0.00197EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/04/05 8:2 a.m.10 views

drm/amdgpu: Limit BO list entry count to prevent resource exhaustion

...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
NVD
NVD
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23468

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

5.5CVSS0.00123EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23468

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.23 views

CVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustion

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

0.00123EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 3:15 p.m.30 views

CVE-2026-23468

CVE-2026-23468 affects the Linux kernel’s DRM/amdgpu BO list handling. The issue was an attacker-controlled bo_number could trigger excessive memory allocation and slow list processing; the fix introduces a hard limit of 128k entries per BO list and returns -EINVAL when exceeded. Connected adviso...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/amdgpu subsystem where the number of BO list entries is not limited. Userspace can provide an arbitrary number of BO list entries via the bo...

9.8CVSS5.9AI score0.00443EPSS
Exploits0References470
SUSE CVE
SUSE CVE
added 2026/03/11 4:25 p.m.4 views

SUSE CVE-2025-69654

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...

7.5CVSS5.8AI score0.00284EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.6 views

CVE-2025-69654

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...

7.5CVSS5.8AI score0.00284EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/06 9:30 p.m.3 views

EUVD-2025-208350

A crafted JavaScript input executed with the QuickJS release 2025-09-13, fixed in commit fcd33c1afa7b3028531f53cd1190a3877454f6b3 2025-12-11,qjs interpreter using the -m option and a low memory limit can cause an out-of-memory condition followed by an assertion failure in JSFreeRuntime...

5.8AI score0.00284EPSS
Exploits1References2
OSV
OSV
added 2025/12/24 12:9 p.m.5 views

CVE-2025-68749 accel/ivpu: Fix race condition when unbinding BOs

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

4.7CVSS6.2AI score0.00086EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2025/07/14 12:0 a.m.4 views

OpenBlow Missing Headers

Multiple public deployments of the OpenBlow whistleblowing software lack critical HTTP security headers. These configurations expose users to client-side vulnerabilities including cross site scripting, clickjacking, API misuse, and referer leakage. Given the extreme sensitivity of users...

6.8AI score
Exploits0
OSV
OSV
added 2025/02/17 7:54 p.m.5 views

CLSA-2025-1739822055 libvirt: Fix of CVE-2023-3750

CVE-2023-3750: fix race condition in virStoragePoolObjListSearch function to prevent denial of service...

6.5CVSS6.6AI score0.00621EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/01/11 12:35 p.m.9 views

CVE-2024-54455

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix general protection fault in ivpubolist Check if ctx is not NULL before accessing its fields...

5.5CVSS5.6AI score0.0017EPSS
Exploits0
NVD
NVD
added 2024/08/07 2:15 a.m.28 views

CVE-2024-34634

Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

4CVSS0.00147EPSS
Exploits0References1
OSV
OSV
added 2024/08/07 2:15 a.m.3 views

CVE-2024-34634

Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

3.3CVSS5.8AI score0.00147EPSS
Exploits0References1
CVE
CVE
added 2024/08/07 1:30 a.m.40 views

CVE-2024-34634

Samsung Notes contains an out-of-bounds read vulnerability in the parsing of the connected object list, affecting versions prior to 4.4.21.62. This allows a local attacker to access unauthorized memory. The issue is documented across multiple sources (e.g., CVE-2024-34634 entries in NVD/CVE lists...

4CVSS4.1AI score0.00147EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/05/01 9:36 a.m.17 views

GHSA-JXGR-GCJ5-CQQG nautobot has reflected Cross-site Scripting potential in all object list views

Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting Reflected XSS attack against users. All filterable object-list views in Nautobot are...

7.5CVSS7.2AI score0.00491EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2024/05/01 9:36 a.m.34 views

nautobot has reflected Cross-site Scripting potential in all object list views

Impact It was discovered that due to improper handling and escaping of user-provided query parameters, a maliciously crafted Nautobot URL could potentially be used to execute a Reflected Cross-Site Scripting Reflected XSS attack against users. All filterable object-list views in Nautobot are...

7.5CVSS6.8AI score0.00491EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder