Lucene search
K

144 matches found

Cvelist
Cvelist
added 2024/12/03 12:15 p.m.25 views

CVE-2024-10074 Liteos_a has an use after free vulnerability

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free...

8.8CVSS0.00158EPSS
Exploits0References1
OSV
OSV
added 2024/12/01 12:0 a.m.26 views

PUB-A-360158501

there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.4AI score0.00076EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/11/18 8:37 p.m.563 views

Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security

wordpress-really-simple-security-authn-bypass-vulnerable-appli...

9.8CVSS7.2AI score0.81722EPSS
Exploits21
NVD
NVD
added 2024/11/09 11:15 a.m.15 views

CVE-2024-50257

In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...

7.8CVSS0.00257EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/11/09 10:15 a.m.30 views

CVE-2024-50257 netfilter: Fix use-after-free in get_info()

In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...

0.00257EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/07 3:22 p.m.24 views

CVE-2024-10668 Auth Bypass in Quickshare

There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim. The root cause of the vulnerability lies in the fact that when a Payload Transfer frame of type FILE is sent to Quick Share, the file that is contained in this frame is written to disk ...

5.9CVSS6.5AI score0.0039EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/10/23 7:12 p.m.338 views

Exploit for CVE-2024-9926

wordpress-jetpack-broken-access-control-vulnerable-application...

4.3CVSS6.6AI score0.01148EPSS
Exploits3
Cvelist
Cvelist
added 2024/10/21 8:5 p.m.31 views

CVE-2022-48970 af_unix: Get user_ns from in_skb in unix_diag_get_exact().

In the Linux kernel, the following vulnerability has been resolved: afunix: Get userns from inskb in unixdiaggetexact. Wei Chen reported a NULL deref in skuserns 01, and Paolo diagnosed the root cause: in unixdiaggetexact, the newly allocated skb does not have sk. 2 We must get the userns from th...

0.00245EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/09/20 6:15 p.m.18 views

CVE-2024-8612

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

3.8CVSS6.5AI score0.00203EPSS
Exploits0References2
NVD
NVD
added 2024/09/13 9:15 p.m.25 views

CVE-2024-29779

there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00066EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/13 8:28 p.m.12 views

CVE-2024-29779

there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.2AI score0.00066EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/13 8:28 p.m.24 views

CVE-2024-29779

there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00066EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.3 views

PT-2024-23021 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no...

7.8CVSS6.6AI score0.00066EPSS
Exploits0References6
OSV
OSV
added 2024/09/01 12:0 a.m.17 views

PUB-A-336862373

there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00066EPSS
Exploits0References1
NVD
NVD
added 2024/08/26 12:15 p.m.20 views

CVE-2024-44942

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FSINLINEDATA flag in inode during GC syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted...

7.8CVSS0.00223EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/08/24 3:4 p.m.180 views

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

This is a PoC exploit for CVE-2024-38063, a 0-day vulnerability...

9.8CVSS9.8AI score0.70564EPSS
Exploits24
UbuntuCve
UbuntuCve
added 2024/08/22 4:15 a.m.23 views

CVE-2022-48941

In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 "ice: Stop processing VF messages during teardown" introduced a driver state flag, ICEVFDEINITINPROGRESS, which is intended to prevent some issues with concurrently...

4.7CVSS6.2AI score0.00164EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/08/07 10:28 a.m.22 views

CrowdStrike Reveals Root Cause of Global System Outages

Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review PIR, has been traced bac...

7.4AI score
Exploits0
CISA
CISA
added 2024/08/06 12:0 p.m.8 views

Widespread IT Outage Due to CrowdStrike Update

Note: CISA will update this Alert with more information as it becomes available. Update 4:30 p.m., EDT, August 6, 2024: CrowdStrike has published its Root Cause Analysis RCA reportlink is external. According to CrowdStrike, “the full report elaborates on the information previously shared in our...

6.9AI score
Exploits0References19
NVD
NVD
added 2024/07/12 1:15 p.m.28 views

CVE-2024-40981

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadvpurgeorigref Many syzbot reports are pointing to soft lockups in batadvpurgeorigref 1 Root cause is unknown, but we can avoid spending too much time there and perhaps get more interesting...

5.5CVSS0.00229EPSS
Exploits0References9
Rows per page
Query Builder