
6050 matches found

Cvelist
added 2024/06/10 11:25 p.m. | 23 views

CVE-2024-22261 SQL Injection in Harbor scan log API

SQL-Injection in Harbor allows privileged users to leak the task IDs...

CVSS 2.7 | EPSS 0.00417
Exploits 0 | References 1
Vulnrichment
added 2024/06/10 11:25 p.m. | 16 views

CVE-2024-22261 SQL Injection in Harbor scan log API

SQL-Injection in Harbor allows privileged users to leak the task IDs...

CVSS 2.7 | AI score 7 | EPSS 0.00417
Exploits 0 | References 1
CVE
added 2024/06/10 11:25 p.m. | 108 views

CVE-2024-22261

Harbor (scan log API) is affected by a SQL Injection vulnerability described across OSV-BIT-HARBOR-2024-22261 and NVD CVE-2024-22261. The issue arises in the Harbor scan log API where privileged users (administrator, project_admin, project_maintainer) can trigger arbitrary SQL execution to leak t...

CVSS 5.5 | AI score 3.3 | EPSS 0.00417
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2024/06/10 12:0 a.m. | 25 views

Hirschmann HiOS Switches Race Condition (CVE-2019-12263)

This vulnerability relies on a race-condition between the network task tNet0 and the receiving application. It is very difficult to trigger the race on a system with a single CPU-thread enabled, and there is no way to reliably trigger a race on SMP targets. This plugin only works with Tenable.ot...

CVSS 8.1 | AI score 7.5 | EPSS 0.03163
Exploits 0 | References 11
RedHat Linux
added 2024/06/05 10:5 a.m. | 8 views

kernel: pid: take a reference when initializing `cad_pid`

In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens proc_do_cad_pid() will increment the...

CVSS 7.8 | AI score 6.7 | EPSS 0.00246
Exploits 0 | References 5
RedHat Linux
added 2024/06/05 12:36 a.m. | 6 views

kernel: pid: take a reference when initializing `cad_pid`

In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens proc_do_cad_pid() will increment the...

CVSS 7.8 | AI score 6.7 | EPSS 0.00246
Exploits 0 | References 5
SUSE CVE
added 2024/06/01 2:23 a.m. | 2 views

SUSE CVE-2024-36917

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

CVSS 5.5 | AI score 6.8 | EPSS 0.00225
Exploits 0 | References 16
OSV
added 2024/05/31 11:8 a.m. | 9 views

OESA-2024-1679 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid...

CVSS 9.1 | AI score 6.8 | EPSS 0.0117
Exploits 0 | References 26
OSV
added 2024/05/30 4:15 p.m. | 3 views

DEBIAN-CVE-2024-36906

In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: 33.452494 ================================================================== 33.453513 BUG: KASAN: stack-out-of-bounds in...

CVSS 7.8 | AI score 5.5 | EPSS 0.00234
Exploits 0 | References 1
NVD
added 2024/05/30 4:15 p.m. | 13 views

CVE-2024-36882

In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), ensure that page_cache_ra_order() do not attempt to reclaim file-backed pages too, or it leads to a deadlock, found iss...

CVSS 5.5 | AI score 6.5 | EPSS 0.0018
Exploits 0 | References 4
OSV
added 2024/05/30 4:15 p.m. | 3 views

UBUNTU-CVE-2024-36943

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: fix loss of young/dirty bits during pagemap scan make_uffd_wp_pte() was previously doing: pte = ptep_get(ptep); ptep_modify_prot_start(ptep); pte = pte_mkuffd_wp(pte); ptep_modify_prot_commit(ptep, pte); But if another thread accessed...

CVSS 4.7 | AI score 6.5 | EPSS 0.00176
Exploits 0 | References 10
OSV
added 2024/05/30 4:15 p.m. | 1 views

UBUNTU-CVE-2024-36906

In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: 33.452494 ================================================================== 33.453513 BUG: KASAN: stack-out-of-bounds in...

CVSS 7.8 | AI score 6.2 | EPSS 0.00234
Exploits 0 | References 20
Vulnrichment
added 2024/05/30 3:29 p.m. | 22 views

CVE-2024-36917 block: fix overflow in blk_ioctl_discard()

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

AI score 7.2 | EPSS 0.00225
Exploits 0 | References 4
CVE
added 2024/05/30 3:29 p.m. | 123 views

CVE-2024-36915

CVE-2024-36915 concerns the Linux kernel’s NFC LLCP path where nfc_llcp_setsockopt() could unsafe-copy from user-supplied sockptr data, triggering a slab-out-of-bounds read. Symptom traces show reads of 4 bytes at a user task, linked to copy_from_sockptr() and inline copy_from_sockptr_offset; the...

CVSS 7.1 | AI score 6.6 | EPSS 0.0025
Exploits 0 | References 5 | Affected Software 1
Cvelist
added 2024/05/30 3:28 p.m. | 19 views

CVE-2024-36882 mm: use memalloc_nofs_save() in page_cache_ra_order()

In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), ensure that page_cache_ra_order() do not attempt to reclaim file-backed pages too, or it leads to a deadlock, found iss...

AI score 6.4 | EPSS 0.0018
Exploits 0 | References 4
Vulnrichment
added 2024/05/30 3:28 p.m. | 20 views

CVE-2024-36882 mm: use memalloc_nofs_save() in page_cache_ra_order()

In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), ensure that page_cache_ra_order() do not attempt to reclaim file-backed pages too, or it leads to a deadlock, found iss...

AI score 6.8 | EPSS 0.0018
Exploits 0 | References 4
OSV
added 2024/05/30 12:13 p.m. | 11 views

SUSE-SU-2024:1858-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 115.11 bsc1224056: - CVE-2024-4367: Arbitrary JavaScript execution in PDF.js - CVE-2024-4767: IndexedDB files retained in private browsing mode - CVE-2024-4768: Potential permissions request bypass via clickjacking -...

CVSS 8.8 | AI score 7.8 | EPSS 0.72648
Exploits 18 | References 8
SUSE CVE
added 2024/05/29 2:36 a.m. | 7 views

SUSE CVE-2023-52813

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hung_task for PADATA_RESET We found a hung_task bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this...

CVSS 5.5 | AI score 6.5 | EPSS 0.00286
Exploits 0 | References 11
SUSE CVE
added 2024/05/28 3:29 p.m. | 3 views

SUSE CVE-2021-47553

In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...

CVSS 7.8 | AI score 6.7 | EPSS 0.0026
Exploits 0 | References 9
RedhatCVE
added 2024/05/27 11:30 a.m. | 20 views

CVE-2021-47569

In the Linux kernel, the following vulnerability has been resolved: io_uring: fail cancellation for EXITING tasks WARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 CPU: 1 PID: 20 Comm: kworker/1:0 Not tainted 5.16.0-rc1-syzkaller #0 Workqueue: events...

CVSS 5.5 | AI score 6.5 | EPSS 0.00181
Exploits 0 | References 4