Lucene search
K

59 matches found

OSV
OSV
added 2024/05/30 4:15 p.m.1 views

DEBIAN-CVE-2024-36948

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

5.5CVSS5.4AI score0.0018EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.16 views

CVE-2024-36948

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an incorrect ordering of operands passed to the TLBI RANGE instruction, which can cause the target virtual...

5.5CVSS6.3AI score0.00225EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.6 views

PT-2024-27219

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential overflow in the result of the multiplication of two lower precision u32 operands before widening it to higher precision u64 in the drm/xe/xe migrate...

9.8CVSS6.7AI score0.01305EPSS
Exploits1References262
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 3:56 p.m.26 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to server-side request forgery due to [CVE-2023-28155]

Summary Node.js module Request is used by IBM App Connect Enterprise Certified Container operands for both internal and external HTTP calls. IBM App Connect Enterprise Certified Container operands are vulnerable to server-side request forgery. This bulletin provides patch information to address t...

6.1CVSS6.1AI score0.00719EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.3 views

SUSE CVE-2015-2151

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service memory corruption, or possibly execute arbitrary code via unspecified vectors...

7.2CVSS7.5AI score0.0057EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.3 views

SUSE CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

5.5CVSS5.4AI score0.01058EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/08/27 4:50 p.m.36 views

CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

8.6CVSS7.6AI score0.01902EPSS
Exploits1
Xen Project
Xen Project
added 2019/11/12 6:1 p.m.106 views

TSX Asynchronous Abort speculative side channel

ISSUE DESCRIPTION This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019. Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS. A new way to sample data from microarchitectural structures has been identified. A TSX Asynchronous...

6.5CVSS0.7AI score0.03133EPSS
Exploits0
CNVD
CNVD
added 2018/12/26 12:0 a.m.2 views

radare2 'parseOperands' function stack buffer overflow vulnerability

radare2 is a set of libraries and tools for working with binary files. A stack buffer overflow vulnerability exists in the 'parseOperands' function in the libr/asm/arch/arm/armass64.c file in radare2 versions prior to 3.1.2. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS7.1AI score0.01058EPSS
Exploits1References1
OSV
OSV
added 2018/12/25 7:29 p.m.2 views

UBUNTU-CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

5.5CVSS6.3AI score0.01058EPSS
Exploits1References4
CNVD
CNVD
added 2017/08/28 12:0 a.m.4 views

Linux Kernel 'drivers/acpi/acpica/dsutils.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpidscreateoperands' function in the drivers/acpi/acpica/dsutils.c file in Linux kernel 4.12.9 and earlier, which...

5.5CVSS5.8AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/28 12:0 a.m.3 views

Linux Kernel 'drivers/acpi/acpica/nseval.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpinsevaluate' function in the drivers/acpi/acpica/nseval.c file in Linux kernel versions 4.12.9 and earlier, whic...

5.5CVSS5.9AI score0.00436EPSS
Exploits0References1
OSV
OSV
added 2017/08/25 8:29 a.m.5 views

UBUNTU-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

5.5CVSS6.7AI score0.00439EPSS
Exploits0References4
OSV
OSV
added 2017/08/25 8:29 a.m.3 views

DEBIAN-CVE-2017-13693

The acpidscreateoperands function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism in the kerne...

5.5CVSS7.2AI score0.00439EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.20 views

SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:0747-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : CVE-2015-2756: XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through...

7.2CVSS7.1AI score0.0057EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.40 views

SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : XSA-125: Long latency MMIO mapping operations were not preemptible. CVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides...

7.8CVSS6.7AI score0.02513EPSS
Exploits0References11
OSV
OSV
added 2015/03/12 2:59 p.m.1 views

DEBIAN-CVE-2015-2151

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service memory corruption, or possibly execute arbitrary code via unspecified vectors...

7.2CVSS8.8AI score0.0057EPSS
Exploits0References1
n0where
n0where
added 2014/03/01 1:6 a.m.29 views

Basic Integer Overflows

Introduction Basic Integer Overflow : In this paper we are going to describe two classes of programming bugs which can sometimes allow a malicious user to modify the execution path of an affected process. Both of these classes of bug work by causing variables to contain unexpected values, and so...

1.6AI score
Exploits0
Rows per page
Query Builder