Lucene search
K

242 matches found

Vulnrichment
Vulnrichment
added 2024/03/26 3:17 p.m.28 views

CVE-2024-26644 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted error -2 WARNIN...

6.5AI score0.0023EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/03/19 6:23 p.m.2 views

emacs: command execution via shell metacharacters

A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file...

9.8CVSS7.5AI score0.01603EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/03/12 11:48 a.m.1 views

kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sltxtimeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information...

7.1CVSS6.6AI score0.00275EPSS
Exploits0References5
OSV
OSV
added 2024/03/05 9:15 a.m.4 views

CVE-2024-26337

swftools v0.9.2 was discovered to contain a segmentation violation via the function sfont at swftools/src/swfc.c...

4.3CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.5 views

Atheme Security Breach

Atheme is a set of IRC services open-sourced by Atheme. A security vulnerability exists in Atheme version 7.2.12, which stems from a memory leak contained in /atheme/src/crypto-benchmark/main.c. The vulnerability is caused by a memory leak in /atheme/src/crypto-benchmark/main.c, which contains a...

7.5CVSS6.8AI score0.00744EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/02/22 12:0 a.m.4 views

PT-2024-20910 · Flvmeta · Flvmeta

Name of the Vulnerable Software and Affected Versions: flvmeta version 1.2.2 Description: The issue allows a local attacker to cause a denial of service via the function in flv close at flvmeta/src/flv.c:375:21. Recommendations: For flvmeta version 1.2.2, as a temporary workaround, consider...

6.2CVSS6.4AI score0.00242EPSS
Exploits1References8
OSV
OSV
added 2024/02/07 2:15 p.m.5 views

CVE-2024-25201

Espruino 2v20 commit fcc9ba4 was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c...

7.5CVSS5.8AI score0.00702EPSS
Exploits1References1
OSV
OSV
added 2024/02/07 2:15 p.m.6 views

CVE-2024-24188

Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c...

9.8CVSS5.8AI score0.008EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/07 12:0 a.m.6 views

PT-2024-20310 · Jsish · Jsish

Name of the Vulnerable Software and Affected Versions: Jsish version 3.5.0 Description: A use-after-free issue was discovered in Jsish via the SplitChar at ./src/jsiUtils.c. Recommendations: For Jsish version 3.5.0, at the moment, there is no information about a newer version that contains a fix...

9.8CVSS9.4AI score0.00686EPSS
Exploits0References5
Fedora
Fedora
added 2023/12/07 2:9 a.m.26 views

[SECURITY] Fedora 39 Update: llhttp-9.1.3-1.fc39

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

7.5CVSS6.4AI score0.0085EPSS
Exploits1
Fedora
Fedora
added 2023/12/07 1:58 a.m.33 views

[SECURITY] Fedora 38 Update: llhttp-9.1.3-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

7.5CVSS6.4AI score0.0085EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/11/14 4:9 p.m.3 views

emacs: command execution via shell metacharacters

A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file...

9.8CVSS7.5AI score0.01603EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/11/08 9:15 p.m.8 views

CVE-2023-46363

jbig2enc v0.28 was discovered to contain a SEGV via jbig2addpage in src/jbig2enc.cc:512...

5.5CVSS5.8AI score0.00307EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.10 views

PT-2023-29981 · Jbig2Enc · Jbig2Enc

Name of the Vulnerable Software and Affected Versions: jbig2enc version 0.28 Description: The issue is related to a SEGV Segmentation Violation in the jbig2enc library. It occurs via the jbig2 add page function in the src/jbig2enc.cc file at line 512. Recommendations: For jbig2enc version 0.28,...

5.5CVSS6.5AI score0.00307EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2023/11/06 12:0 a.m.4 views

PT-2023-12543

Name of the Vulnerable Software and Affected Versions Ortus Solutions ColdBox Elixir version 3.1.6 Description A problematic vulnerability has been found in Ortus Solutions ColdBox Elixir, affecting the ENV Variable Handler component, specifically the file src/defaultConfig.js. This issue leads t...

7.5CVSS5.8AI score0.00598EPSS
Exploits0References8
Amazon
Amazon
added 2023/09/07 12:0 a.m.5 views

Low: file

Issue Overview: File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project. CVE-2022-48554 Affected Packages: file Issue Correction: Run dnf update file --releasever 2023.1.20230906 or dnf update --advisory ALAS2023-2023-333...

5.5CVSS9.5AI score0.00656EPSS
Exploits1
OSV
OSV
added 2023/08/22 7:16 p.m.2 views

DEBIAN-CVE-2021-33390

dpic 2021.04.10 has a use-after-free in thedeletestringbox function in dpic.y. A different vulnerablility than CVE-2021-32421...

9.8CVSS8.6AI score0.00634EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/17 12:0 a.m.28 views

Fedora: Security Advisory for llhttp (FEDORA-2023-105880e618)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.03906EPSS
Exploits1References2
Fedora
Fedora
added 2023/08/07 1:27 a.m.36 views

[SECURITY] Fedora 38 Update: llhttp-8.1.1-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

7.5CVSS5.2AI score0.03906EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2023/06/23 2:15 a.m.4 views

CVE-2023-36192

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturewscheckpacket at /src/capture.c...

7.8CVSS7.4AI score0.00308EPSS
Exploits1References2
Rows per page
Query Builder