Lucene search
K

144 matches found

OSV
OSV
added 2025/09/05 6:15 p.m.3 views

DEBIAN-CVE-2025-39680

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300i2csmbusxfer The data-block0 variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug. Fix this bug by checking the value of...

7.1CVSS6AI score0.00139EPSS
Exploits0References1
OSV
OSV
added 2025/09/05 6:15 p.m.5 views

UBUNTU-CVE-2025-39708

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix NULL pointer dereference A warning reported by smatch indicated a possible null pointer dereference where one of the arguments to API "irishfigen2handlesystemerror" could sometimes be null. To fix this, add a che...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References5
NVD
NVD
added 2025/06/18 11:15 a.m.8 views

CVE-2022-50117

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...

5.5CVSS0.0014EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:17 a.m.6 views

CVE-2022-29204

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...

5.5CVSS6.8AI score0.00346EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.7 views

CVE-2021-41789

In wifi driver, there is a possible system crash due to a missing validation check. This could lead to remote denial of service from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20190426015; Issue ID: GN2019042601...

6.5CVSS7AI score0.00609EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:14 p.m.11 views

CVE-2021-1935

Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

7.1CVSS7.2AI score0.00134EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 1:15 p.m.6 views

UBUNTU-CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

7.8CVSS6.2AI score0.00185EPSS
Exploits0References41
CVE
CVE
added 2025/04/02 2:0 p.m.144 views

CVE-2025-21994

CVE-2025-21994 is a Linux kernel vulnerability in the ksmbd module where validation for the num_aces field of smb_acl was incorrect. The advisory notes that parse_dcal() should verify num_aces using the actual buffer size (smb_acl->size) rather than checking against a calculation that could al...

5.5CVSS7.2AI score0.00178EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/27 4:42 p.m.2 views

CVE-2022-49740 wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads This patch fixes slab-out-of-bounds reads in brcmfmac that occur in brcmfconstructchaninfo and brcmfenablebw402g when the count value of channel...

7.8AI score0.00182EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/28 4:14 a.m.13 views

CVE-2022-49478

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...

6.7CVSS7AI score0.00274EPSS
Exploits0References4
NVD
NVD
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49478

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...

7.8CVSS0.00274EPSS
Exploits0References9
CVE
CVE
added 2025/02/26 2:13 a.m.106 views

CVE-2022-49478

CVE-2022-49478 affects the Linux kernel via the media: pvrusb2 driver, specifically a faulty check in pvr2_i2c_core_init that permits an array index of -1 to be used. The issue arises when hdw->unit_number is initialized to -1 and may remain unchanged if the init-table walk fails, leading to o...

7.8CVSS6.7AI score0.00274EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/02/26 2:13 a.m.11 views

CVE-2022-49478 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...

7.8CVSS5.4AI score0.00274EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2025/02/26 2:13 a.m.7 views

CVE-2022-49478

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...

7.8CVSS5.6AI score0.00274EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/26 2:13 a.m.18 views

CVE-2022-49478 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw-unitnumber is initialized with -1 and then if init table walk fails...

0.00274EPSS
Exploits0References9
OSV
OSV
added 2025/01/31 11:25 a.m.8 views

CVE-2025-21680 pktgen: Avoid out-of-bounds access in get_imix_entries

In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix entries leads to invalid access to the pktdev-imixentries array because of the incorrect boundary check. UBSAN: array-index-out-of-bounds in...

7.8CVSS6AI score0.00208EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/01/11 12:35 p.m.6 views

CVE-2024-47408

In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcdv2extoffset when receiving proposal msg When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset...

5.5CVSS5.7AI score0.00218EPSS
Exploits0
OSV
OSV
added 2024/12/27 3:15 p.m.2 views

DEBIAN-CVE-2024-56617

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 "archtopology: Build cacheinfo from primary CPU" adds functionality that architectures can use to optionally allocate and build...

5.5CVSS5.7AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2024/11/25 10:15 p.m.1 views

UBUNTU-CVE-2024-53099

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link-type in bpflinkshowfdinfo If a newly-added link type doesn't invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may result in an out-of-bounds access. To spot such missed invocations early in the...

7.1CVSS6.2AI score0.0023EPSS
Exploits0References29
NVD
NVD
added 2024/09/09 8:15 p.m.25 views

CVE-2024-27366

An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsirxscandoneind, there is no input validation check on a length coming from userspace...

5.5CVSS0.00162EPSS
Exploits0References2
Rows per page
Query Builder