Lucene search
K

75 matches found

CNNVD
CNNVD
added 2025/01/06 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...

5.5CVSS6.8AI score0.00219EPSS
Exploits0References3
OSV
OSV
added 2024/12/06 2:31 p.m.4 views

CLSA-2024-1733483766 Fix of 9 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-49992 - drm: remove all control node code - drm: add managed resources tied to drmdevice - drm: Set finalkfree in drmdevalloc - drm/plane: add drmmuniversalplanealloc - drm: Handle dev-unique with drmm - drm: Use drmm for drmdevinit cleanup - drm:...

7.8CVSS7AI score0.00259EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.5 views

kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address

...

5.5CVSS7.6AI score0.00241EPSS
Exploits0
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a fixed MTRRs existence checking vulnerability in the x86/mtrr component...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References10
OSV
OSV
added 2024/07/16 1:15 p.m.4 views

DEBIAN-CVE-2022-48845

In the Linux kernel, the following vulnerability has been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following: 0.025698 CPU1 revision is: 0001a120 MIPS...

5.5CVSS5.4AI score0.00223EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 12:0 a.m.68 views

CVE-2023-50434

CVE-2023-50434 affects emdns: emdns_resolve_raw in emdns.c may call strlen on non-terminated input, causing a stack-based buffer over-read. Exploitation is possible over the network via DNS requests to the emdns server; impact varies by libraries, compiler, and architecture. Code before be565c3 i...

9.8CVSS7.2AI score0.00561EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/29 12:0 a.m.25 views

CVE-2023-50434

emdnsresolveraw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be '\0' terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can send DNS requests to the emdns server. The impact could vary depending on the system...

7.2AI score0.00561EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/29 12:0 a.m.16 views

CVE-2023-50434

emdnsresolveraw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be '\0' terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can send DNS requests to the emdns server. The impact could vary depending on the system...

7.2AI score0.00561EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/17 10:15 a.m.16 views

CVE-2024-26841

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpusiblingmap when disabling nonboot CPUs Update cpusiblingmap when disabling nonboot CPUs by defining & calling clearcpusiblingmap, otherwise we get such errors on SMT systems: jump label: negative count!...

5.5CVSS5.7AI score0.00222EPSS
Exploits0References5
OSV
OSV
added 2023/08/29 6:26 p.m.6 views

CLSA-2023-1693333574 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: clsu32: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsfw: No longer copy tcfresult on update to avoid use-after- free - net/sched: clsroute: No longer copy tcfresult on update to avoid use- after-free...

7.8CVSS7.1AI score0.05794EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2022/11/07 12:0 a.m.46 views

sudo -- Potential out-of-bounds write for small passwords

CVE.org reports: Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to sudo by entering a password of seven...

7.1CVSS6.7AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/11/03 7:55 p.m.54 views

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

7.1CVSS3.5AI score0.00271EPSS
Exploits0References4
Prion
Prion
added 2022/11/02 2:15 p.m.22 views

Heap overflow

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

3.2CVSS6.8AI score0.00271EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2022/11/02 12:0 a.m.34 views

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

7.1CVSS7.2AI score0.00271EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/11/02 12:0 a.m.416 views

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

7.1CVSS7.3AI score0.00271EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/08/03 12:50 p.m.6 views

openssl: AES OCB fails to encrypt some bytes

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

5.3CVSS6.7AI score0.04425EPSS
Exploits0References5
OSV
OSV
added 2021/11/24 2:15 a.m.3 views

ALPINE-CVE-2021-28709

issues with partially successful P2M updates on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have...

7.8CVSS7.2AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/09 12:26 a.m.20 views

CVE-2020-26970

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird...

8.4AI score0.01222EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/11/11 10:19 a.m.4 views

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

5.5CVSS6.3AI score0.0051EPSS
Exploits0References6
Securelist
Securelist
added 2019/07/03 10:0 a.m.362 views

Sodin ransomware exploits Windows vulnerability and processor architecture

When Sodin also known as Sodinokibi and REvil appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. In a detailed analysis, we discovered that it also exploits the...

7.2CVSS0.3AI score0.69833EPSS
Exploits9
Rows per page
Query Builder