
30457 matches found

NVD
added 2024/10/21 6:15 p.m., 17 views

CVE-2024-49880

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs dm-5: resizing filesystem from 7168 to 786432 blocks ------------ cut here -----------...

CVSS 7.8 | EPSS 0.00245
Exploits: 0 | References: 3
OSV
added 2024/10/21 6:1 p.m., 9 views

CVE-2024-49898 drm/amd/display: Check null-initialized variables

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables WHAT & HOW drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing. This fixes 2...

CVSS 5.5 | AI score 6.3 | EPSS 0.00236
Exploits: 0 | References: 9
SUSE CVE
added 2024/10/21 3:47 p.m., 4 views

SUSE CVE-2024-47702

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due to commit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses"). The reason is due to sign-extension of 32-bit...

CVSS 5.5 | AI score 7.1 | EPSS 0.00203
Exploits: 0 | References: 15
Debian CVE
added 2024/10/21 12:18 p.m., 8 views

CVE-2024-49856

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EP...

CVSS 5.5 | AI score 5.8 | EPSS 0.00205
Exploits: 0
NVD
added 2024/10/21 12:15 p.m., 17 views

CVE-2024-47687

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5_vdpa_destroy_mr_resources() ...

CVSS 5.5 | EPSS 0.00234
Exploits: 0 | References: 3
Debian CVE
added 2024/10/21 12:14 p.m., 10 views

CVE-2024-47740

In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...

CVSS 5.5 | AI score 5.8 | EPSS 0.00233
Exploits: 0
Vulnrichment
added 2024/10/21 11:53 a.m., 14 views

CVE-2024-47687 vdpa/mlx5: Fix invalid mr resource destroy

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5_vdpa_destroy_mr_resources() ...

AI score 6.5 | EPSS 0.00234
Exploits: 0 | References: 3
Patchstack
added 2024/10/18 12:0 a.m., 13 views

WordPress Social Share Buttons Plugin <= 1.19 is vulnerable to Cross Site Scripting (XSS)

Software: Social Share Buttons; Type: Plugin; Vulnerable versions: <= 1.19; Fixed in: 1.20; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-9219; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 38e78d810a01; Credits: Colin Xu; Requir...

CVSS 6.1 | AI score 5.6 | EPSS 0.00368
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2024/10/17 6:31 p.m., 4 views

GHSA-J42F-WC6V-5XPQ Duplicate Advisory: Permissive Regular Expression in tacquito

Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That...

CVSS 9.8 | AI score 9.4 | EPSS 0.00442
Exploits: 0 | References: 2
Vulnrichment
added 2024/10/16 9:3 p.m., 11 views

CVE-2024-48918 Lack of Input Validation in RDS Light - Potential for Injection Attacks and Memory Tampering

RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module main.p...

CVSS 9.3 | AI score 7.5 | EPSS 0.00392
Exploits: 0 | References: 2
SUSE Linux
added 2024/10/16 5:34 p.m., 2 views

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). CVE-2024-40954:...

CVSS 7.8 | AI score 8.6 | EPSS 0.00757
Exploits: 1 | References: 56
Tenable Nessus
added 2024/10/16 12:0 a.m., 15 views

Qnap QTS Cross-site Scripting (CVE-2021-44053)

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and...

CVSS 6.1 | AI score 6.2 | EPSS 0.00706
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/16 12:0 a.m., 18 views

Qnap QTS OS Command Injection (CVE-2023-23368)

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later...

CVSS 9.8 | AI score 8.7 | EPSS 0.18687
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/16 12:0 a.m., 25 views

Qnap QTS Improper Authentication (CVE-2024-21899)

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578...

CVSS 9.8 | AI score 8.2 | EPSS 0.24365
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/16 12:0 a.m., 13 views

Qnap QTS Stack-based Buffer Overflow (CVE-2023-41278)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

CVSS 7.2 | AI score 7.5 | EPSS 0.00547
Exploits: 0 | References: 2
CBLMariner
added 2024/10/15 11:32 p.m., 16 views

CVE-2024-47764 affecting package reaper for versions less than 3.1.1-13

CVE-2024-47764 affecting package reaper for versions less than 3.1.1-13. A patched version of the package is available...

CVSS 6.9 | AI score 6.4 | EPSS 0.00749
Exploits: 0
CBLMariner
added 2024/10/15 7:11 p.m., 19 views

CVE-2022-41916 affecting package samba for versions less than 4.18.3-1

CVE-2022-41916 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...

CVSS 7.5 | AI score 6.9 | EPSS 0.00891
Exploits: 0
CBLMariner
added 2024/10/15 6:24 p.m., 12 views

CVE-2024-46737 affecting package kernel for versions less than 6.6.51.1-5

CVE-2024-46737 affecting package kernel for versions less than 6.6.51.1-5. An upgraded version of the package is available that resolves this issue...

CVSS 5.5 | AI score 6.8 | EPSS 0.00268
Exploits: 0
CBLMariner
added 2024/10/15 6:21 p.m., 13 views

CVE-2024-6232 affecting package tensorflow for versions less than 2.16.1-7

CVE-2024-6232 affecting package tensorflow for versions less than 2.16.1-7. A patched version of the package is available...

CVSS 7.5 | AI score 7.8 | EPSS 0.02203
Exploits: 2
CBLMariner
added 2024/10/15 6:21 p.m., 28 views

CVE-2024-45590 affecting package python-tensorboard for versions less than 2.16.2-5

CVE-2024-45590 affecting package python-tensorboard for versions less than 2.16.2-5. A patched version of the package is available...

CVSS 7.5 | AI score 7.7 | EPSS 0.00824
Exploits: 1