Lucene search
K

6038 matches found

NVD
NVD
added 2024/05/17 2:15 p.m.14 views

CVE-2024-35819

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

5.5CVSS7.4AI score0.00232EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2024/05/17 2:15 p.m.21 views

CVE-2024-35819

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

5.5CVSS6.4AI score0.00232EPSS
Exploits0References29
Vulnrichment
Vulnrichment
added 2024/05/17 1:23 p.m.23 views

CVE-2024-35819 soc: fsl: qbman: Use raw spinlock for cgr_lock

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

6.7AI score0.00232EPSS
Exploits0References9
OSV
OSV
added 2024/05/17 1:23 p.m.10 views

CVE-2024-35819 soc: fsl: qbman: Use raw spinlock for cgr_lock

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

5.5CVSS5.9AI score0.00232EPSS
Exploits0References14
Veracode
Veracode
added 2024/05/17 8:58 a.m.23 views

Cross-Site Scripting (XSS)

apache airflow is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by improper handling of user input, which allows an authenticated attacker to inject malicious JavaScript into the task instance logs...

5.4CVSS5.9AI score0.01559EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.5 views

HCL BigFix Platform 安全漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platform from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that stems from the...

6.7CVSS6.7AI score0.00157EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.6 views

PT-2024-19948

Name of the Vulnerable Software and Affected Versions Client Deploy Tool affected versions not specified Description An attacker could potentially intercept credentials via the task manager and perform unauthorized access to the Client Deploy Tool on Windows systems. Recommendations At the moment...

6.7CVSS6.5AI score0.00157EPSS
Exploits0References5
NVD
NVD
added 2024/05/16 6:15 a.m.14 views

CVE-2024-4843

ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege...

4.3CVSS4.6AI score0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/16 6:4 a.m.8 views

CVE-2024-4843

ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege...

4.3CVSS6.8AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2024/05/16 6:4 a.m.46 views

CVE-2024-4843

CVE-2024-4843 affects Trellix ePolicy Orchestrator (ePO). Publicly cited documents describe insecure direct object references that let a least-privileged user manipulate client tasks and client task assignments, enabling privilege escalation. The NVD/NVD-derived entries describe impact as insuffi...

4.3CVSS6.7AI score0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.3 views

Trellix ePolicy Orchestrator 安全漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the presence of an insecure direct object reference that allows a low-privileged user to manipulate clien...

4.3CVSS6.7AI score0.00265EPSS
Exploits0References3
CVE
CVE
added 2024/05/15 4:39 p.m.39 views

CVE-2024-3968

OpenText iManager 3.2.6.0200 is affected by CVE-2024-3968, a Remote Code Execution vulnerability that can be triggered via a custom file upload task. The vulnerability is documented with high-severity scores (NVD CVSSv3.1: 9.8/CRITICAL; Community security note with 7.8/HIGH) and indicates an atta...

9.8CVSS8AI score0.00672EPSS
Exploits0References1Affected Software1
Malwarebytes
Malwarebytes
added 2024/05/15 11:58 a.m.16 views

Apple and Google join forces to stop unwanted tracking

Apple and Google have announced an industry specification for Bluetooth tracking devices which help alert users to unwanted tracking. The specification, called Detecting Unwanted Location Trackers, will make it possible to alert users across both iOS and Android if a device is unknowingly being...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.6 views

NetIQ iManager 安全漏洞

NetIQ iManager is an advanced web-based management console from NetIQ UK. Customized, secure access to network management utilities and content can be provided from any location in the world. A security vulnerability exists in NetIQ iManager version 3.2.6.0200, which stems from the presence of...

9.8CVSS8AI score0.00672EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.3 views

The vulnerability of the `flush_all_cpus_locked()` function in the `mm/slub.c` module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the flushallcpuslocked function in the mm/slub.c module of the Linux kernel’s memory management subsystem is related to the use of an incorrect queue for task execution. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS6.1AI score0.00242EPSS
Exploits0References10Affected Software2
Github Security Blog
Github Security Blog
added 2024/05/14 6:31 p.m.23 views

Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS5.2AI score0.01559EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/05/14 6:31 p.m.30 views

GHSA-52GM-QMG3-R4QP Apache Airflow: XSS vulnerability in Task Instance Log/Log Details

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to version 2.9.1, which fixes this issue...

5.4CVSS5.2AI score0.01559EPSS
Exploits0References7
OSV
OSV
added 2024/05/14 5:15 p.m.2 views

CVE-2024-26238

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability...

7.8CVSS5.8AI score0.0073EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 5:15 p.m.14 views

CVE-2024-26238

Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability...

7.8CVSS7.9AI score0.0073EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 4:57 p.m.31 views

CVE-2024-26238 Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability

...

7.8CVSS8.4AI score0.0073EPSS
Exploits0References1
Rows per page
Query Builder