Lucene search
K

117 matches found

OSV
OSV
added 2024/09/18 7:12 a.m.18 views

CVE-2024-46744 Squashfs: sanity check symbolic link size

In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in picklink" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason...

7.8CVSS6AI score0.00299EPSS
Exploits0References13
OSV
OSV
added 2024/05/30 4:15 p.m.3 views

DEBIAN-CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

7.8CVSS5.5AI score0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/30 4:15 p.m.4 views

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

7.8CVSS6.3AI score0.00234EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/05/30 4:15 p.m.11 views

AZL-67503 CVE-2024-36898 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

7.8CVSS6.7AI score0.00234EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/05/30 4:15 p.m.22 views

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

7.8CVSS6.4AI score0.00234EPSS
Exploits0References11
Cvelist
Cvelist
added 2024/05/30 3:29 p.m.29 views

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

6.4AI score0.00234EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/05/30 3:29 p.m.23 views

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

6.8AI score0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/05/30 3:29 p.m.12 views

CVE-2024-36898 gpiolib: cdev: fix uninitialised kfifo

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to conta...

7.8CVSS5.8AI score0.00234EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/04/04 8:20 a.m.29 views

CVE-2024-26807 spi: cadence-qspi: fix pointer reference in runtime PM hooks

In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...

7.7AI score0.00225EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/04/04 8:20 a.m.19 views

CVE-2024-26807

In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...

5.5CVSS7.2AI score0.00225EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.88 views

CVE-2024-26807

In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References4
OSV
OSV
added 2024/03/18 11:15 a.m.8 views

DEBIAN-CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETHPTR8022. syzbot reported an uninit-value bug below. 0 llc supports ETHP8022 0x0004 and used to support ETHPTR8022 0x0011, and syzbot abused the latter to trigger the bug. write$tunr0,...

5.5CVSS5.6AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2024/03/18 11:15 a.m.0 views

UBUNTU-CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETHPTR8022. syzbot reported an uninit-value bug below. 0 llc supports ETHP8022 0x0004 and used to support ETHPTR8022 0x0011, and syzbot abused the latter to trigger the bug. write$tunr0,...

5.5CVSS6.2AI score0.00242EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.24 views

FreeBSD : h2o -- uninitialised memory access in HTTP3 (1d3677a8-9143-42d8-84a3-0585644dff4b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1d3677a8-9143-42d8-84a3-0585644dff4b advisory. - h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access...

7.4CVSS6.2AI score0.02667EPSS
Exploits1References3
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.10 views

Governance Token limit can be massively increased due to uninitialised lastEvent variable

Lines of code Vulnerability details Impact Due to insufficient checks in the executeInflationRateUpdate in the Minter contract, the limit on tokens that can be minted is massively increased. As lastEvent is uninitialised and equal to 0 by default, in the first line of executeInflationRateUpdate,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.9 views

Users can claim extremely large rewards or lock rewards from LpGauge due to uninitialised poolLastUpdate variable

Lines of code Vulnerability details Impact A user can claim all of the available governance tokens or prevent any rewards from being claimed in LpGauge.sol if sufficient time is left between deploying the contract and initialising it in the StakerVault.sol contract by calling initalizeLPGauge OR ...

6.7AI score
Exploits0
Veracode
Veracode
added 2020/09/24 10:37 a.m.29 views

Information Disclosure

pdns is vulnerable to information disclosure. The vulnerability exists as crafted zone records can leak uninitialised memory...

4.3CVSS1.6AI score0.02592EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2020/06/18 4:55 p.m.34 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

6.8CVSS3AI score0.02024EPSS
Exploits1References3
OSV
OSV
added 2020/04/14 1:15 p.m.2 views

ALPINE-CVE-2020-11742

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOPcopy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path...

5.5CVSS6.6AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2019/09/05 4:15 p.m.24 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS8.7AI score0.02024EPSS
Exploits1References3
Rows per page
Query Builder