Lucene search
K

80 matches found

OSV
OSV
added 2024/07/22 10:34 a.m.25 views

SUSE-SU-2024:2571-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39371: iouring: check for non-NULL file pointer in iofilecanpoll bsc1226990. - CVE-2023-52846: hsr: Prevent use after free in prpcreatetaggedframe bsc122509...

9.8CVSS8.5AI score0.02701EPSS
Exploits4References596
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.7 views

PT-2024-7603

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to use-after-free problems in the Linux kernel, specifically in the drm/stm module. The ltdc load function calls drm crtc init with planes, drm universal plane init, and dr...

7.8CVSS5.5AI score0.00239EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/07/02 8:15 a.m.5 views

CVE-2024-5545

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stmeditdeleteusercar function in all versions up to, and including, 1.4.8. This makes it possible for unauthenticated attackers to...

5.3CVSS6AI score0.0033EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/06/24 11:15 p.m.8 views

SUSE CVE-2024-38627

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

5.5CVSS6.4AI score0.00251EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2024/06/21 7:53 p.m.22 views

CVE-2024-38627

A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stmregisterdevice could lead to a double-free error. This issue occurs when the putdevice&stm-;dev call triggers stmdevicerelease to free "stm", making the subsequent vfreestm call redundant...

5.6CVSS8.3AI score0.00251EPSS
Exploits0References4
OSV
OSV
added 2024/06/21 11:15 a.m.2 views

DEBIAN-CVE-2024-38627

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

7.8CVSS5.7AI score0.00251EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/21 11:15 a.m.19 views

CVE-2024-38627

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

7.8CVSS6.4AI score0.00251EPSS
Exploits0References32
OSV
OSV
added 2024/06/21 11:15 a.m.5 views

UBUNTU-CVE-2024-38627

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

7.8CVSS6.2AI score0.00251EPSS
Exploits0References33
OSV
OSV
added 2024/06/21 10:18 a.m.21 views

CVE-2024-38627 stm class: Fix a double free in stm_register_device()

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

7.8CVSS6.3AI score0.00251EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/06/21 10:18 a.m.26 views

CVE-2024-38627 stm class: Fix a double free in stm_register_device()

In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...

0.00251EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.8 views

PT-2024-28758 · WordPress · Wordpress Header Builder Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Header Builder Plugin – Pearl plugin for WordPress versions up to, and including, 1.3.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'stm hb' shortcode due to insufficient input sanitization and...

6.4CVSS5.9AI score0.00493EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/01 4:9 a.m.8 views

WordPress MasterStudy LMS plugin <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action vulnerability

Unauthenticated Privilege Escalation via stmlmsregister AJAX Action vulnerability discovered by Hiroho Shimada in WordPress Plugin MasterStudy LMS versions = 3.3.1...

9.8CVSS8.6AI score0.00834EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/28 12:0 a.m.4 views

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application from Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. A security vulnerability previously existed in Synology Surveillance Station version 9.2.0-11289, which stemmed from a...

7.7CVSS6.3AI score0.00797EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2024/01/17 1:51 p.m.63 views

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...

7.8CVSS8.7AI score0.00663EPSS
Exploits5
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.5 views

WordPress Plugin Unauthenticated Account Creation 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

9.8CVSS8.4AI score0.014EPSS
Exploits1References4
Openbugbounty
Openbugbounty
added 2023/05/12 5:5 p.m.10 views

stm-sport.dk Cross Site Scripting vulnerability OBB-3327126

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/02/20 8:9 p.m.9 views

stm-assoc.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1098400 Security Researcher Hchabik Helped patch 2375 vulnerabilities Received 5 Coordinated Disclosure badges Received 2 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting stm-assoc.org website and i...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/02/13 3:13 p.m.6 views

stm-market.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1090793 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.6AI score
Exploits0
Lenovo
Lenovo
added 2019/11/09 1:22 p.m.120 views

ST Microelectronics TPM Firmware ECDSA Signature Generation Vulnerability - Lenovo Support US

No description provided...

5.9CVSS5.7AI score0.03279EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.22 views

openSUSE Security Update : libopenmpt (openSUSE-2019-524)

This update for libopenmpt to version 0.3.9 fixes the following issues : These security issues were fixed : - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files bsc1095644 - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files...

8.8CVSS7.1AI score0.02155EPSS
Exploits0References4
Rows per page
Query Builder