Lucene search
K

17 matches found

RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for non-leaf pmd/pud The page table check trigger BUGON unexpectedly when collapse hugepage: ------------ cut here ------------ kernel BUG at mm/pagetablecheck.c:82! Internal error: Oops - BUG...

5.5CVSS6.9AI score0.0014EPSS
Exploits0References5
OSV
OSV
added 2024/08/21 7:15 a.m.5 views

DEBIAN-CVE-2022-48897

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for invalid pmd The page table check trigger BUGON unexpectedly when split hugepage: ------------ cut here ------------ kernel BUG at mm/pagetablecheck.c:119! Internal error: Oops - BUG:...

5.5CVSS5.6AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2023/01/26 9:18 p.m.24 views

CVE-2023-24495

A Server Side Request Forgery SSRF vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly...

6.5CVSS6.5AI score0.00892EPSS
Exploits0References1
Prion
Prion
added 2023/01/26 9:18 p.m.17 views

Server side request forgery (ssrf)

A Server Side Request Forgery SSRF vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly...

4CVSS6.4AI score0.00892EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/25 12:0 a.m.26 views

CVE-2023-24495

A Server Side Request Forgery SSRF vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly...

6.7AI score0.00892EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.13 views

PT-2023-9438 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc3+ Description: The issue is related to the arm64/mm component of the Linux kernel, where incorrect handling of memory allocation errors can lead to a denial of service. On arm64, the pmd leaf function...

5.5CVSS6.4AI score0.00205EPSS
Exploits0References15
Cvelist
Cvelist
added 2022/07/14 12:0 a.m.30 views

CVE-2022-32222

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3...

6.4AI score0.0173EPSS
Exploits1References1
OSV
OSV
added 2022/05/10 8:2 a.m.24 views

RLSA-2022:1820 Low: udisks2 security and bug fix update

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fixes: udisks2: insecure defaults in user-accessible mount helpers allow for a DoS CVE-2021-3802 For more details about the security issues, including the impact,...

4.5CVSS4.6AI score0.00808EPSS
Exploits1References5
0day.today
0day.today
added 2018/03/20 12:0 a.m.88 views

Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation E

Exploit for windows platform in category local exploits Windows: Windows: Desktop Bridge Virtual Registry Arbitrary File Read/Write EoP Platform: Windows 1709 not tested earlier version Class: Elevation of Privilege Summary: The handling of the virtual registry for desktop bridge applications can...

0.1AI score0.03181EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/12/05 12:0 a.m.27 views

WordPress Plugin Single Personal Message 1.0.3 - SQL Injection

Exploit Title: Single Personal Message 1.0.3 – Plugin WordPress – Sql Injection Date: 28/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/simple-personal-message/ Software Link: https://wordpress.org/plugins/simple-personal-message/ Contact:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/12/05 12:0 a.m.13 views

WordPress Plugin Single Personal Message 1.0.3 - SQL Injection

WordPress Plugin Single Personal Message 1.0.3 - SQL Injection Exploit Title: Single Personal Message 1.0.3 – Plugin WordPress – Sql Injection Date: 28/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/simple-personal-message/ Software Link:...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.54 views

Centreon 2.6.x < 2.6.2 File Upload RCE

According to its version number, the Centreon application hosted on the remote web server is 2.6.x prior to 2.6.2. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of user-uploaded files via the main.php script. An authenticated, remote attacker can...

6.4AI score
Exploits0References2
Exploit DB
Exploit DB
added 2015/02/10 12:0 a.m.29 views

WordPress Plugin WP EasyCart - Unrestricted Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress WP EasyCart Unrestricted File Upload', 'Description' = %qWordPress Shopping Cart WP EasyCart Plugin for WordPress...

7.4AI score
Exploits0
Saint
Saint
added 2015/01/29 12:0 a.m.35 views

WP Symposium Plugin for WordPress Arbitrary File Upload

Added: 01/29/2015 BID: 71686 OSVDB: 116046 Background WP Symposium is a social network plugin for WordPress. Problem WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Linux Kernel 2.6.x 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible operation. Successful exploits will allow...

7.1AI score
Exploits0
OSV
OSV
added 2014/04/05 9:55 p.m.2 views

UBUNTU-CVE-2001-1593

Jakub Wilk found that a2ps, a tool to convert text and other types of files to PostScript, insecurely used a temporary file in spyuser. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running a2ps...

2.1CVSS5.9AI score0.00399EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/02/05 12:0 a.m.52 views

[Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand&#40;&#41; = oops

There is an interesting vulnerability in the default behavior of Firefox builtin popup blocker. This vulnerability, coupled with an additional trick, allows the attacker to read arbitrary user-accessible files on the system, and thus steal some fairly sensitive information. This was tested on...

6.4AI score
Exploits0
Rows per page
Query Builder