Lucene search
K

4 matches found

OSV
OSV
added 2026/03/12 2:48 p.m.3 views

BIT-PARSE-2026-30966 Parse Server role escalation and CLP bypass via direct `_Join` table write

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2 and 8.6.20, Parse Server's internal tables, which store Relation field mappings such as role memberships, can be directly accessed via the REST API or GraphQL API by any client...

10CVSS5.8AI score0.00384EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/26 7:12 p.m.3 views

net-snmp: A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference.

A flaw was found in net-snmp. A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference issue...

8.8CVSS5.7AI score0.01146EPSS
Exploits0References4
Xen Project
Xen Project
added 2016/12/21 12:0 p.m.57 views

x86 PV guests may be able to mask interrupts

ISSUE DESCRIPTION Certain PV guest kernel operations page table writes in particular need emulation, and use Xen's general x86 instruction emulator. This allows a malicious guest kernel which asynchronously modifies its instruction stream to effect the clearing of EFLAGS.IF from the state used to...

6CVSS0.3AI score0.0043EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2016/12/21 12:0 a.m.40 views

xen-kernel -- x86 PV guests may be able to mask interrupts

The Xen Project reports: Certain PV guest kernel operations page table writes in particular need emulation, and use Xen's general x86 instruction emulator. This allows a malicious guest kernel which asynchronously modifies its instruction stream to effect the clearing of EFLAGS.IF from the state...

6CVSS6.6AI score0.0043EPSS
Exploits0References1
Rows per page
Query Builder