Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52953 iommu/vt-d: Fix oops due to out of scope access

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7: 0000 1 SMP NOPTI Call Trace: dorawspinlock+0xaa/0x...

7.1CVSS0.00133EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:28 p.m.8 views

CVE-2026-52953

The CVE-2026-52953 issue affects the Linux kernel IOMMU VT-d subsystem, where an out-of-scope memory access could trigger a general protection fault (kernel oops) when a QEMU process is terminated. The triggering path involves domain_remove_dev_pasid and related IOMMU PASID handling, with a dummy...

7.1CVSS5.7AI score0.00133EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-49067

Name of the Vulnerable Software and Affected Versions File Browser affected versions not specified Description File Browser fails to properly validate symbolic links, allowing scoped users or unauthenticated public-share recipients to access files outside their intended directory boundaries. Whil...

7.5CVSS5.3AI score0.0046EPSS
Exploits0References8
OSV
OSV
added 2023/07/25 8:54 p.m.22 views

CVE-2023-38499 typo3/cms-core Information Disclosure due to Out-of-scope Site Resolution

TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters id and L allowed out-of-scope access to rendered content in the website...

3.7CVSS5.2AI score0.0088EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/07/25 6:25 p.m.49 views

Information Disclosure due to Out-of-scope Site Resolution

CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 3.5 Problem In multi-site scenarios, enumerating the HTTP query parameters id and L allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site b...

5.3CVSS6.7AI score0.0088EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.22 views

TYPO3 9.4.0 < 9.5.42 ELTS / 10.0.0 < 10.4.39 ELTS / 11.0.0 < 11.5.30 / 12.0.0 < 12.4.4 (TYPO3-CORE-SA-2023-003)

The version of TYPO3 installed on the remote host is prior to 9.4.0 9.5.42 ELTS / 10.0.0 10.4.39 ELTS / 11.0.0 11.5.30 / 12.0.0 12.4.4. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2023-003 advisory. - In multi-site scenarios, enumerating the HTTP query...

5.3CVSS5.7AI score0.0088EPSS
Exploits0References2
CNVD
CNVD
added 2021/04/21 12:0 a.m.7 views

Linux kernel resource management error vulnerability (CNVD-2021-30592)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in versions of Linux kernel prior to 5.7, which stems from the KVM subsystem allowing out-of-scope access after deletion. No...

7.8CVSS6.4AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/06 12:0 a.m.7 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in versions of Linux kernel prior to 5.7, which stems from the KVM subsystem allowing out-of-scope access after deletion. No...

7.8CVSS6.8AI score0.0032EPSS
Exploits0References4
CNVD
CNVD
added 2019/12/25 12:0 a.m.3 views

Input Validation Error Vulnerability in Multiple Qualcomm Products (CNVD-2020-03578)

The Qualcomm MSM8996AU, among others, is a central processing unit CPU product of Qualcomm Incorporated USA. An input validation error vulnerability exists in WLAN Host in multiple Qualcomm products, which can be exploited by an attacker to gain out-of-scope access while processing firmware event...

7.8CVSS7.1AI score0.0022EPSS
Exploits0References1
Rows per page
Query Builder