Lucene search
K

25 matches found

OSV
OSV
added 2025/02/18 8:15 p.m.2 views

DEBIAN-CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS6.7AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/17 9:43 a.m.21 views

CVE-2024-26820 hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed If hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot perform VF register successfully as the register call is received before netvscpro...

6.7AI score0.00237EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/03/25 6:23 p.m.14 views

CVE-2021-47141

A vulnerability was found in the Generic Virtual Ethernet gve driver in the Linux kernel. A NULL pointer dereference could occur during the freeing of notification blocks. This issue arises when attempting to index priv-msixvectors without prior allocation, potentially leading to a crash if the...

4.4CVSS7.3AI score0.00225EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.6 views

SUSE CVE-2008-5511

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting XSS attacks via an XBL binding to an "unloaded document."...

4.3CVSS8AI score0.01856EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/12/26 12:0 a.m.5 views

The vulnerability of the Intel Smart Sound Technology driver, related to a overflow in the unloaded pool in the operating memory, allows a hacker to execute arbitrary code.

The vulnerability of the Intel Smart Sound Technology driver is related to a overflow in the unloaded pool in the operating memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with elevated privileges...

7.8CVSS8.1AI score0.00377EPSS
Exploits0References4Affected Software81
0day.today
0day.today
added 2017/04/05 12:0 a.m.42 views

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window

Exploit for multiple platform in category web applications document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if...

4.3CVSS7.7AI score0.06166EPSS
Exploits3
seebug.org
seebug.org
added 2017/04/04 12:0 a.m.31 views

Apple Webkit: UXSS by accessing a named property from an unloaded window (CVE-2017-2367)

The frame is not detached from an unloaded window. We can access to the new document's named properties via the following function. static bool jsDOMWindowPropertiesGetOwnPropertySlotNamedItemGetterJSDOMWindowProperties thisObject, Frame& frame, ExecState exec, PropertyName propertyName,...

4.3CVSS7.6AI score0.06166EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.49 views

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window

document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if UNLIKELYhtmlDocument.windowNamedItemContainsMultipleElementsatomicPropertyName Ref collection =...

7.4AI score
Exploits0
OSV
OSV
added 2017/03/28 7:11 p.m.1 views

USN-3247-1 apparmor vulnerability

Stéphane Graber discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior...

5.9CVSS6.6AI score0.01589EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2017/03/28 7:11 p.m.60 views

USN-3247-1: AppArmor vulnerability

Stéphane Graber discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior...

5.9CVSS6.5AI score0.01589EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/03/03 12:49 p.m.4 views

kernel: iptables restriction bypass if a protocol handler kernel module not loaded

A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol SCTP case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2010/11/12 12:0 a.m.22 views

Adobe Shockwave Player Use-After-Free Vulnerability

This host is installed with Adobe Shockwave Player and is prone to use-after-free vulnerability. OpenVAS Vulnerability Test $Id: gbadobeshockwaveplayeruseafterfreevuln.nasl 5263 2017-02-10 13:45:51Z teissa $ Adobe Shockwave Player Use-After-Free Vulnerability Authors: Sooraj KS Copyright: Copyrig...

9.3CVSS1.4AI score0.05447EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2010/11/12 12:0 a.m.26 views

Adobe Shockwave Player Use-After-Free Vulnerability

Adobe Shockwave Player is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.5AI score0.05447EPSS
Exploits0References1
Prion
Prion
added 2010/11/05 9:0 p.m.20 views

Design/Logic Flaw

Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details...

9.3CVSS8AI score0.05447EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2010/03/11 12:0 a.m.84 views

Apache mod_isapi uninitialized pointer function call

Uunder some conditions function from dynamic library is called by it's address after library is unloaded...

10CVSS3.3AI score0.94248EPSS
Exploits13References1Affected Software1
OpenVAS
OpenVAS
added 2009/02/02 12:0 a.m.27 views

Debian: Security Advisory (DSA-1704-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.03201EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2009/01/07 10:27 a.m.3 views

Firefox XSS via XBL bindings to unloaded document

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting XSS attacks via an XBL binding to an "unloaded document."...

4.3CVSS7.3AI score0.01856EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/12/17 1:31 a.m.9 views

Firefox XSS via XBL bindings to unloaded document

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting XSS attacks via an XBL binding to an "unloaded document."...

4.3CVSS7.3AI score0.01856EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/12/17 1:20 a.m.2 views

Firefox XSS via XBL bindings to unloaded document

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting XSS attacks via an XBL binding to an "unloaded document."...

4.3CVSS7.3AI score0.01856EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/12/17 12:0 a.m.44 views

CVE-2008-5511

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting XSS attacks via an XBL binding to an "unloaded document."...

4.3CVSS7.2AI score0.01856EPSS
Exploits0References6
Rows per page
Query Builder