Lucene search
+L

423 matches found

Vulnrichment
Vulnrichment
added 2024/12/29 11:30 a.m.2 views

CVE-2024-56750 erofs: fix blksize < PAGE_SIZE for file-backed mounts

In the Linux kernel, the following vulnerability has been resolved: erofs: fix blksize sblocksize,bits directly for file-backed mounts when the fs block size is smaller than PAGESIZE. Previously, EROFS used sbsetblocksize, which caused a panic if bdev-backed mounts is not used...

6.1AI score0.0017EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/29 6:4 a.m.2 views

Malicious code in safeness-sb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d558c870d1afa6f183ac52e8fe21ea328ac4e688f64dd389d3a1b4e98f0a93f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/11/29 6:4 a.m.6 views

MAL-2024-11155 Malicious code in safeness-sb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d558c870d1afa6f183ac52e8fe21ea328ac4e688f64dd389d3a1b4e98f0a93f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Kaspersky
Kaspersky
added 2024/11/14 12:0 a.m.14 views

KLA77143 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability can be exploited remotely to gain...

8.8CVSS8.6AI score0.04422EPSS
Exploits1References6
Kaspersky
Kaspersky
added 2024/11/12 12:0 a.m.16 views

KLA77108 ACE vulnerability in Microsoft System Center

A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2024-5535 Related products Microsoft-System-Center-Virtual-Machine-Manager...

9.1CVSS8.9AI score0.05582EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2024/11/12 12:0 a.m.19 views

KLA77062 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Inappropriate implementation vulnerability in Blink can be...

8.8CVSS8.4AI score0.00362EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2024/10/21 11:53 a.m.12 views

CVE-2024-47691 f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fsstopgcthread syzbot reports a f2fs bug as below: dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x241/0x360 lib/dumpstack.c:114 printreport+0xe8/0x550 mm/kasan/report.c:491...

6.9AI score0.00238EPSS
Exploits0References4
NVD
NVD
added 2024/10/16 2:15 p.m.21 views

CVE-2024-48029

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hung Trang Si SB Random Posts Widget sb-random-posts-widget allows PHP Local File Inclusion.This issue affects SB Random Posts Widget: from n/a through = 1.0...

7.5CVSS0.00544EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 1:31 p.m.53 views

CVE-2024-48029

CVE-2024-48029 affects the WordPress SB Random Posts Widget. The vulnerability is an improper control of the filename for include/require statements in PHP (PHP Remote File Inclusion) that enables Local File Inclusion via the SB Random Posts Widget

7.5CVSS5.9AI score0.00544EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2024/10/15 12:0 a.m.37 views

KLA74035 Multiple vulnerabilities in Oracle Java

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Validation of untrusted input vulnerability can be exploited...

8.8CVSS9.1AI score0.01364EPSS
Exploits3References3
Patchstack
Patchstack
added 2024/10/09 9:3 a.m.7 views

WordPress SB Random Posts Widget plugin <= 1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin SB Random Posts Widget versions = 1.0...

7.5CVSS7AI score0.00544EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/09 12:0 a.m.22 views

WordPress SB Random Posts Widget Plugin <= 1.0 is vulnerable to Local File Inclusion

Software SB Random Posts Widget Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-48029 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 4e7fd324ea44 Credits João Pedro S Alcântara Kinorth Required...

7.5CVSS7.8AI score0.00544EPSS
Exploits0References2Affected Software1
Kaspersky
Kaspersky
added 2024/09/17 12:0 a.m.16 views

KLA73437 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be...

8.8CVSS7.6AI score0.00472EPSS
Exploits2References3
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.7 views

md/md-bitmap: fix incorrect usage for sb_index

...

5.5CVSS8.8AI score0.00219EPSS
Exploits0
Kaspersky
Kaspersky
added 2024/09/03 12:0 a.m.21 views

KLA73124 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1...

9.8CVSS9.8AI score0.04395EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2024/09/03 12:0 a.m.20 views

KLA73182 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1...

9.8CVSS10AI score0.04395EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/08/29 12:10 a.m.38 views

Important: Red Hat Security Advisory: linux-firmware security update

An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

7.5CVSS7.4AI score0.00622EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/08/22 3:29 a.m.3 views

SUSE CVE-2022-48869

In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the gadgetfs filesyste...

6.7CVSS6.5AI score0.00232EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2024/08/12 12:0 a.m.44 views

Unbreakable Enterprise kernel security update

4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...

6.9AI score0.00254EPSS
Exploits0
Kaspersky
Kaspersky
added 2024/07/30 12:0 a.m.23 views

KLA71071 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebTransport can be exploited to cause denial of...

8.8CVSS10AI score0.00916EPSS
Exploits1References3
Rows per page
Query Builder