CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3095 matches found

OSV•added 2024/05/01 6:15 a.m.•2 views

AZL-42175 CVE-2024-26952 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to -Buffer offset to...

7.8CVSS6.5AI score0.00814EPSS

Exploits0References1

NVD•added 2024/05/01 6:15 a.m.•18 views

CVE-2024-26952

8.1CVSS7.5AI score0.00814EPSS

Exploits0References7

UbuntuCve•added 2024/05/01 6:15 a.m.•26 views

CVE-2024-26952

8.1CVSS6.5AI score0.00814EPSS

Exploits0References16

UbuntuCve•added 2024/05/01 6:15 a.m.•19 views

CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smbstrndupfromutf16 If -NameOffset of smb2createreq is smaller than Buffer offset of smb2createreq, slab-out-of-bounds read can happen from smb2open. This patch set the minimum value of the name...

7.1CVSS6.5AI score0.0025EPSS

Exploits0References10

OSV•added 2024/05/01 6:15 a.m.•0 views

UBUNTU-CVE-2024-27015

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...

5.5CVSS6.2AI score0.00228EPSS

Exploits0References20

OSV•added 2024/05/01 6:15 a.m.•0 views

UBUNTU-CVE-2024-26954

7.1CVSS6.4AI score0.0025EPSS

Exploits0References11

OSV•added 2024/05/01 6:15 a.m.•0 views

UBUNTU-CVE-2024-26952

8.1CVSS6.4AI score0.00814EPSS

Exploits0References17

Debian CVE•added 2024/05/01 5:19 a.m.•14 views

CVE-2024-26957

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...

7.8CVSS7.2AI score0.00239EPSS

Exploits0

Cvelist•added 2024/05/01 5:18 a.m.•29 views

CVE-2024-26952 ksmbd: fix potencial out-of-bounds when buffer offset is invalid

7.7AI score0.00814EPSS

Exploits0References6

Debian CVE•added 2024/05/01 5:18 a.m.•29 views

CVE-2024-26952

8.1CVSS7.7AI score0.00814EPSS

Exploits0

CNNVD•added 2024/05/01 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an out-of-bounds problem when a buffer offset is invalid...

8.1CVSS6.7AI score0.00814EPSS

Exploits0References5

RedHat Linux•added 2024/04/30 10:33 a.m.•2 views

freerdp: missing offset validation leading to Out Of Bound Read

A flaw was found in FreeRDP. In the libfreerdp/codec/rfx.c file, there is no offset validation in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. As a result, crafted input can lead to an out-of-bounds read, which may result in a crash...

9.1CVSS5.8AI score0.01247EPSS

Exploits1References5

RedHat Linux•added 2024/04/30 10:20 a.m.•1 views

glib: GVariant offset table entry size is not checked in is_normal()

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...

7.5CVSS6.8AI score0.00761EPSS

Exploits0References5

RedHat Linux•added 2024/04/30 10:20 a.m.•2 views

glib: Timeout in fuzz_variant_text

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

7.5CVSS6.8AI score0.00774EPSS

Exploits0References6

RedHat Linux•added 2024/04/30 9:57 a.m.•1 views

kernel: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va

A flaw was found in the AMDGPU graphics driver within the Linux kernel was identified where the offsetinbo parameter in the drmamdgpugemva handler was not sufficiently validated. Under certain conditions, an addition of offsetinbo and mapsize can overflow, resulting in an out-of-bounds access...

7.2AI score0.00165EPSS

Exploits0References5

RedHat Linux•added 2024/04/30 9:50 a.m.•3 views

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

7.8CVSS5.9AI score0.00625EPSS

Exploits0References5

SUSE CVE•added 2024/04/30 2:26 a.m.•5 views

SUSE CVE-2022-48647

In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the txchanneloffset was hardcoded to 1, but that's not correct if efxsepparatetxchannels is false. In that case, the offset is 0 because the tx queu...

5.5CVSS6.2AI score0.00226EPSS

Exploits0References8

Tenable Nessus•added 2024/04/30 12:0 a.m.•42 views

RHEL 9 : qemu-kvm (RHSA-2024:2135)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2135 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...

7CVSS6.4AI score0.01405EPSS

Exploits1References61