Lucene search
+L

162 matches found

NVD
NVD
added 2025/01/15 1:15 p.m.7 views

CVE-2024-57884

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. 0 ffff80002cb6f8d0 switchto...

5.5CVSS0.00207EPSS
Exploits0References9
OSV
OSV
added 2025/01/15 1:15 p.m.2 views

DEBIAN-CVE-2024-57884

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. 0 ffff80002cb6f8d0 switchto...

5.5CVSS5.7AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2025/01/15 1:15 p.m.5 views

UBUNTU-CVE-2024-57884

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. 0 ffff80002cb6f8d0 switchto...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References48
CVE
CVE
added 2025/01/15 1:5 p.m.1337 views

CVE-2024-57884

Technical details about CVE-2024-57884 are not publicly provided in the supplied documents. Monitor for updates.

5.5CVSS6.3AI score0.00207EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/01/15 1:5 p.m.13 views

CVE-2024-57884 mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim()

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. 0 ffff80002cb6f8d0 switchto...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2024/12/19 3:22 p.m.31 views

WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service

Summary A Denial of Service DoS vulnerability in the authentication middleware allows any client to cause memory exhaustion by sending large request bodies. The server reads the entire request body into memory without size limits, creating multiple copies during processing, which can lead to Out ...

7.2AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/07/12 1:55 p.m.18 views

SUSE-SU-2024:2463-1 Security update for squashfs

This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...

8.1CVSS7.7AI score0.0691EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2024/02/27 6:40 p.m.14 views

CVE-2020-36776 thermal/drivers/cpufreq_cooling: Fix slab OOB issue

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreqcooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpupowertofreq. If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index...

6.7AI score0.00232EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2024/02/12 12:0 a.m.35 views

Unbreakable Enterprise kernel security update

4.14.35-2047.533.3 - net: rfkill: gpio: set GPIO direction Rouven Czerwinski - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185208 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143229 - sched/rt: picknextrtentity: check listentry...

9.8CVSS10AI score0.04831EPSS
Exploits6
Metasploit
Metasploit
added 2023/06/01 7:50 p.m.234 views

Amazon Web Services EC2 SSM enumeration

Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all SSM-enabled EC2 instances accessible to the account. Once enumerated as SSM-enabled, the instances can be controlled using out-of-band WebSocket sessions provided by the AWS API nominally,...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: blk-throttle: prevent overflow while calculating wait time

In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tgwithinbpslimit that 'bpslimit jiffyelapsedrnd' might overflow. Fix the problem by calling mulu64u64divu64 instead...

6AI score0.00195EPSS
Exploits0References5
Code423n4
Code423n4
added 2023/02/17 12:0 a.m.7 views

Governance can cap the outflow of funds significantly preventing user redemptions

Lines of code Vulnerability details Impact The Reserve protocol always intends to allows free outflow of rToken collaterals. The redemption of rToken is allowed even when the protocol is paused. A Throttle mechanism is in place to just limit the outflow of funds from the contract. However the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/17 12:0 a.m.12 views

Unsafe typecasting

Lines of code Vulnerability details Impact In the RToken.issueTo function unsafe typecasting of uint256 to int256 is performed while invoking the Throttle.useAvailable function. function issueToaddress recipient, uint256 amount public notPausedOrFrozen exchangeRateIsValidAfter requireamount 0,...

6.9AI score
Exploits0
OSV
OSV
added 2022/11/14 7:16 p.m.6 views

GSD-2022-1007220 blk-throttle: prevent overflow while calculating wait time

blk-throttle: prevent overflow while calculating wait time This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-34981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the blk-throttle component, where an overflow can occur while calculating wait time. The actual impact and attack plausibility have not yet been proven. Recommendation...

7.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.4 views

PT-2022-35265 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to the blk-throttle component, where an overflow can occur while calculating wait time. The actual impact and attack plausibility have not yet been proven...

7.5AI score
Exploits0References1
Hacker One
Hacker One
added 2022/06/10 11:34 a.m.21 views

Nextcloud: Brute force protections don't work

Summary: Most of the brute force protections don't actually throttle the response and so they are not logging negative attempts Search for functions with the @BruteForceProtection annotation and check that they call throttle on the response at least conditionally. Impact Brute force protection is...

5CVSS0.6AI score0.00618EPSS
Exploits0
Code423n4
Code423n4
added 2022/05/17 12:0 a.m.11 views

Validate input variables bounds

83 comment Warden: throttle fee variables bounds are not checked. this can lead to expensive mistake --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2022/05/11 2:40 p.m.18 views

CVE-2022-1428

An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being...

4.3CVSS4.6AI score0.00611EPSS
Exploits0References2
NVD
NVD
added 2022/03/25 10:15 p.m.13 views

CVE-2022-24784

Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire...

4.3CVSS0.00994EPSS
Exploits0References3
Rows per page
Query Builder