Lucene search
K

103 matches found

NVD
NVD
added 2024/03/01 10:15 p.m.23 views

CVE-2021-47069

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

7CVSS7.3AI score0.00258EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/01 9:15 p.m.27 views

CVE-2021-47069 ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

6.6AI score0.00258EPSS
Exploits0References3
CVE
CVE
added 2024/03/01 9:15 p.m.5466 views

CVE-2021-47069

CVE-2021-47069 is a Linux kernel race in IPC paths: do_mq_timedreceive may call wq_sleep with a stack-allocated ewq_addr that can be overwritten, leading to a later access by do_mq_timedsend and a crash. The root cause is a race between the receiver’s stack address and the sender’s use of that ad...

7CVSS6.3AI score0.00258EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/02/20 9:15 p.m.20 views

CVE-2023-52438

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

7.8CVSS7.4AI score0.00295EPSS
Exploits0References8
Openbugbounty
Openbugbounty
added 2024/02/12 11:40 a.m.10 views

unitedwaysem.org Cross Site Scripting vulnerability OBB-3851832

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37600

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic...

5.5CVSS9.6AI score0.00661EPSS
Exploits1References103
CNVD
CNVD
added 2022/11/25 12:0 a.m.33 views

Unspecified Vulnerability in SolarWinds Security Event Manager

SolarWinds Security Event Manager SolarWinds SEM is an American SolarWinds, Inc. for forensics and troubleshooting, as well as a tool to help you manage log data. A security vulnerability exists in SolarWinds Security Event Manager 2022.2 and prior versions that stems from disclosing HTTP methods...

5.3CVSS5.2AI score0.00651EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

SEMCMS SQL注入漏洞

SEMCMS is a multilingual foreign trade web content management system CMS.A SQL injection vulnerability exists in SEMCMS SHOP version 1.1, which originates from the lack of validation of externally entered SQL statements in AntZekou.php. An attacker can use this vulnerability to execute illegal SQ...

9.8CVSS8.2AI score0.0062EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/09 12:0 a.m.4 views

SEMCMS SQL注入漏洞

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS suffers from a SQL injection vulnerability that stems from an unknown part of the file AntCheck.php being affected, where manipulation of the parameter DID can lead to sql injection and attacks ca...

9.8CVSS8.1AI score0.00547EPSS
Exploits0References3
NVD
NVD
added 2022/08/05 4:15 p.m.16 views

CVE-2022-33717

A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory...

4.4CVSS0.00091EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/05 4:15 p.m.6 views

CVE-2022-33714

Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot...

6.2CVSS5.8AI score0.00087EPSS
Exploits0References2
OSV
OSV
added 2022/08/05 4:15 p.m.5 views

CVE-2022-33714

Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot...

3.3CVSS5.8AI score0.00087EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/05 4:15 p.m.1 views

CVE-2022-33717

A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory...

4.4CVSS5.8AI score0.00091EPSS
Exploits0References2
Prion
Prion
added 2022/08/05 4:15 p.m.20 views

Input validation

A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory...

1.4CVSS4.6AI score0.00091EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/05 3:15 p.m.19 views

CVE-2022-33717

A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory...

4.4CVSS4.8AI score0.00091EPSS
Exploits0References1
CVE
CVE
added 2022/08/05 3:15 p.m.65 views

CVE-2022-33717

The CVE-2022-33717 issue affects Samsung SEM TA Module before SMR Aug-2022 Release 1, where missing input validation before memory reads allows a local attacker to read out-of-bounds memory. Affected component: SEM TA memory-read path within the ROM/TA environment (Sem Ta). Impact is confidential...

4.4CVSS4.5AI score0.00091EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.4 views

PT-2022-21834 · Sem Ta · Sem Ta

Name of the Vulnerable Software and Affected Versions: SEM TA versions prior to SMR Aug-2022 Release 1 Description: The issue is related to a missing input validation before memory read, allowing local attackers to read out of bound memory. Recommendations: For versions prior to SMR Aug-2022...

4.4CVSS4.4AI score0.00091EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/12 2:15 p.m.4 views

CVE-2022-30751

Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFIAPSTADHCPACKEVENT action...

3.3CVSS5.8AI score0.00094EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/06/06 9:22 p.m.34 views

TiDB authentication bypass vulnerability

Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...

7.8CVSS7.9AI score0.00311EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/06/06 9:22 p.m.41 views

GHSA-4WHX-7P29-MQ22 TiDB authentication bypass vulnerability

Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...

7.8CVSS7.8AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder