Lucene search
K

112 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.3 views

kernel: use-after-free in net/atm/ioctl.c

A use-after-free flaw was found in the Linux kernel's net/atm/ioctl.c ATM networking technology driver: dovccioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vccrecvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, ...

7CVSS6.8AI score0.0051EPSS
Exploits0References5
OSV
OSV
added 2024/05/21 4:15 p.m.1 views

DEBIAN-CVE-2023-52789

In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...

5.5CVSS5.2AI score0.00246EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 4:15 p.m.10 views

UBUNTU-CVE-2023-52789

In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...

5.5CVSS5.8AI score0.00246EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/05/21 3:31 p.m.24 views

CVE-2023-52789 tty: vcc: Add check for kstrdup() in vcc_probe()

In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...

6.5AI score0.00246EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/05/21 3:31 p.m.19 views

CVE-2023-52789 tty: vcc: Add check for kstrdup() in vcc_probe()

In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup in vccprobe Add check for the return value of kstrdup and return the error, if it fails in order to avoid NULL pointer dereference...

6.8AI score0.00246EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a data validation vulnerability in the tty:vcc module...

5.5CVSS6.5AI score0.00246EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.4 views

kernel: use-after-free in net/atm/ioctl.c

A use-after-free flaw was found in the Linux kernel's net/atm/ioctl.c ATM networking technology driver: dovccioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vccrecvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, ...

7CVSS6.8AI score0.0051EPSS
Exploits0References5
OSV
OSV
added 2024/01/19 11:6 a.m.4 views

OESA-2024-1085 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...

7CVSS6.8AI score0.01657EPSS
Exploits0References6
OSV
OSV
added 2024/01/19 11:6 a.m.6 views

OESA-2024-1084 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...

7CVSS6.8AI score0.0051EPSS
Exploits0References4
OSV
OSV
added 2024/01/19 11:6 a.m.11 views

OESA-2024-1083 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...

7CVSS6.8AI score0.0051EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2024/01/16 8:0 a.m.3 views

An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.

...

7CVSS8.7AI score0.0051EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/01/11 7:15 p.m.2 views

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

7CVSS5.8AI score0.0051EPSS
Exploits0References6
OSV
OSV
added 2024/01/11 7:15 p.m.44 views

CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

7CVSS6.8AI score
Exploits0References5
OSV
OSV
added 2024/01/11 7:15 p.m.3 views

UBUNTU-CVE-2023-51780

An issue was discovered in the Linux kernel before 6.6.8. dovccioctl in net/atm/ioctl.c has a use-after-free because of a vccrecvmsg race condition...

7CVSS6.5AI score0.0051EPSS
Exploits0References21
OSV
OSV
added 2023/05/12 4:15 p.m.2 views

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

6.1CVSS5.9AI score0.0061EPSS
Exploits1References3
NVD
NVD
added 2023/05/12 4:15 p.m.22 views

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

6.1CVSS6.1AI score0.0061EPSS
Exploits1References3
Prion
Prion
added 2023/05/12 4:15 p.m.17 views

Cross site scripting

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

5.8CVSS6.1AI score0.0061EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/12 12:0 a.m.5 views

CVE-2022-48020

Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting XSS vulnerability via the conference parameter. This vulnerability allows attackers to inject arbitrary code which will be executed by the victim user's browser...

6.2AI score0.0061EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.3 views

Vinteo VCC 跨站脚本漏洞

Vinteo VCC is a video conferencing application from Vinteo. A security vulnerability exists in Vinteo VCC version v2.36.4, which stems from the discovery of a cross-site scripting XSS vulnerability contained via the conference parameter. An attacker can exploit the vulnerability to inject arbitra...

6.1CVSS6.2AI score0.0061EPSS
Exploits1References5
CVE
CVE
added 2023/05/12 12:0 a.m.58 views

CVE-2022-48020

CVE-2022-48020 affects Vinteo VCC v2.36.4. The vulnerability is a reflected cross-site scripting (XSS) flaw exposed via the conference parameter, allowing an attacker to inject code that runs in the victim’s browser. According to the sources, the attack is network-based with low attack complexity...

6.1CVSS6.1AI score0.0061EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder