CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4536 matches found

RedHat Linux•added 2024/04/30 9:57 a.m.•2 views

kernel: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00probeone There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 size 12288: comm "modprobe", pid 19117, jiffies 4299751452 age 42490.264s hex dump first 32...

6.8AI score0.0003EPSS

Exploits0References5

AlmaLinux•added 2024/04/30 12:0 a.m.•33 views

Moderate: podman security and bug fix update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in...

8.6CVSS8.8AI score0.00393EPSS

Exploits0References6

Positive Technologies•added 2024/04/29 12:0 a.m.•1 views

PT-2024-8926 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the clk dvp probe function in the Linux kernel, where the -num member is assigned after -hws has been accessed. This can cause an array-index-out-of-bounds...

10CVSS6.5AI score0.00449EPSS

Exploits6References725

SUSE CVE•added 2024/04/23 1:44 a.m.•2 views

SUSE CVE-2024-26906

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...

4.4CVSS6.2AI score0.00006EPSS

Exploits0References16

SUSE CVE•added 2024/04/20 2:8 a.m.•1 views

SUSE CVE-2024-26876

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511probe. If an IRQ already is pending during adv7511probe before adv7511cecinit then cecreceivedmsgts could crash using uninitialized...

5.5CVSS6.2AI score0.00018EPSS

Exploits0References9

SUSE CVE•added 2024/04/20 2:8 a.m.•1 views

SUSE CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglinkaltmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmicglinkaltmode...

5.5CVSS6.6AI score0.00009EPSS

Exploits0References10

SUSE CVE•added 2024/04/19 2:20 a.m.•2 views

SUSE CVE-2023-52645

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs i...

5.5CVSS6.3AI score0.00007EPSS

Exploits0References11

SUSE CVE•added 2024/04/19 2:18 a.m.•1 views

SUSE CVE-2024-26820

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed If hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot perform VF register successfully as the register call is received before netvscpro...

4.4CVSS6.3AI score0.00011EPSS

Exploits0References6

SUSE CVE•added 2024/04/19 2:18 a.m.•2 views

SUSE CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

5.5CVSS6.3AI score0.00018EPSS

Exploits0References16

BDU FSTEC•added 2024/04/19 12:0 a.m.•2 views

The vulnerability in the demon probe_serviced component of the testing and monitoring platform for physical, hybrid, and virtual networks, Paragon Active Assurance (previously known as Netrounds), allows a intruder to gain unauthorized access to protected information.

The vulnerability of the demon probeserviced testing and monitoring platform for physical, hybrid, and virtual networks of Paragon Active Assurance previously known as Netrounds is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor,...

8.4CVSS5.5AI score0.0012EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2024/04/17 7:28 p.m.•19 views

CVE-2024-26866

A vulnerability was found in the fsllpspiprobe function in the Linux kernel, which handles memory allocation manually with the spiallochost and spialloctarget functions, but also utilizes the devmspiregistercontroller function. This could result in a potential use-after-free issue if the devm...

4.1CVSS8.5AI score0.00018EPSS

Exploits0References4

RedhatCVE•added 2024/04/17 6:55 p.m.•24 views

CVE-2024-26876

4.4CVSS6.8AI score0.00018EPSS

Exploits0References4

OSV•added 2024/04/17 4:15 p.m.•0 views

DEBIAN-CVE-2024-26919

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...

5.5CVSS5.6AI score0.00012EPSS

Exploits0References1

OSV•added 2024/04/17 4:15 p.m.•0 views

UBUNTU-CVE-2024-26919

5.5CVSS6.2AI score0.00012EPSS

Exploits0References12

OSV•added 2024/04/17 3:59 p.m.•4 views

CVE-2023-52645 pmdomain: mediatek: fix race conditions with genpd

4.7CVSS5.9AI score0.00007EPSS

Exploits0References8

OSV•added 2024/04/17 11:15 a.m.•4 views

DEBIAN-CVE-2024-26906