Lucene search
K

101 matches found

OSV
OSV
added 2024/06/21 11:15 a.m.2 views

DEBIAN-CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

5.5CVSS5AI score0.00239EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/21 11:15 a.m.26 views

CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References13
OSV
OSV
added 2024/06/21 11:15 a.m.1 views

UBUNTU-CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References14
Cvelist
Cvelist
added 2024/06/21 10:18 a.m.29 views

CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

0.00239EPSS
Exploits0References4
CVE
CVE
added 2024/06/21 10:18 a.m.82 views

CVE-2024-33619

The CVE-2024-33619 entry concerns a Linux kernel EFI handling bug in libstub: priv.runtime_map could be freed in an error path when it was never allocated (priv.runtime_map is only allocated if efi_novamap is not set; otherwise it is uninitialized). The fix is to Free priv.runtime_map only when i...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/21 10:18 a.m.16 views

CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

6.8AI score0.00239EPSS
Exploits0References4
OSV
OSV
added 2024/06/21 10:18 a.m.19 views

CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...

5.5CVSS5.9AI score0.00239EPSS
Exploits0References7
HackRead
HackRead
added 2024/06/06 8:46 p.m.15 views

New EmailGPT Flaw Puts User Data at Risk: Remove the Extension NOW

Synopsys warns of a new prompt injection hack involving a security vulnerability in EmailGPT, a popular AI email…...

7.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2024/04/03 12:3 a.m.33 views

CVE-2024-26684

An error in handling DPP safety was found in the Linux kernel driver for the Ethernet IPs built around a Synopsys IP Core. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00223EPSS
Exploits0References4
OSV
OSV
added 2024/01/09 6:15 p.m.4 views

CVE-2024-0226

Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload...

5.4CVSS5.7AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/09 5:41 p.m.16 views

CVE-2024-0226 Stored Cross-Site Scripting in Synopsys Seeker

Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload...

4.8CVSS5.4AI score0.00286EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/09 5:41 p.m.15 views

CVE-2024-0226 Stored Cross-Site Scripting in Synopsys Seeker

Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload...

4.8CVSS6.2AI score0.00286EPSS
Exploits0References1
CVE
CVE
added 2024/01/09 5:41 p.m.43 views

CVE-2024-0226

CVE-2024-0226 affects Synopsys Seeker versions prior to 2023.12.0. The vulnerability is a stored cross-site scripting flaw introduced via a specially crafted payload. The NVD entry rates the base impact as Low for confidentiality and integrity (no availability impact) with network attack vector a...

5.4CVSS5.2AI score0.00286EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.6 views

Synopsys Seeker Cross-Site Scripting Vulnerability

Synopsys Seeker is an interactive application security testing solution from Synopsys, Inc. A cross-site scripting vulnerability exists in Synopsys Seeker versions prior to 2023.12.0 that stems from the ease of causing cross-site scripting via a specially crafted payload...

5.4CVSS6AI score0.00286EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.6 views

PT-2024-15396 · Synopsys · Synopsys Seeker

Name of the Vulnerable Software and Affected Versions: Synopsys Seeker versions prior to 2023.12.0 Description: The issue is a stored cross-site scripting vulnerability that can be exploited through a specially crafted payload. Recommendations: For versions prior to 2023.12.0, update to version...

5.4CVSS6.2AI score0.00286EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.7 views

kernel: net: stmmac: dwc-qos: Disable split header for Tegra194

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/04/27 12:0 a.m.4 views

Synopsys Code Dx 信任管理问题漏洞

Synopsys Code Dx is a vulnerability management system from Synopsys. It combines and correlates results generated by various static and dynamic testing tools. A security vulnerability exists in Synopsys Code Dx versions prior to 2023.4.2 that stems from the use of hard-coded passwords when...

9.8CVSS8.3AI score0.00621EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 9:30 p.m.20 views

GHSA-PX6V-6JHF-J46R CSRF vulnerability in Synopsys Jenkins Coverity Plugin

A cross-site request forgery CSRF vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

3.5CVSS4.1AI score0.00357EPSS
Exploits0References3
OSV
OSV
added 2023/02/15 9:30 p.m.26 views

GHSA-JWR6-75XH-JH5J Synopsys Jenkins Coverity Plugin has Incorrect Default Permissions

Synopsys Coverity Plugin 3.0.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using anothe...

4.3CVSS4.7AI score0.00509EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/02/15 9:30 p.m.27 views

CSRF vulnerability in Synopsys Jenkins Coverity Plugin

A cross-site request forgery CSRF vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

3.5CVSS6.6AI score0.00357EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder