Lucene search
+L

342 matches found

CNNVD
CNNVD
added 2021/09/23 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable due to a corrupted timer tree resulting in a missing task wakeup in the timerqueueadd function in lib/timerqueue.c. The vulnerability can be exploited to cause a denial of...

4.9CVSS6.4AI score0.0037EPSS
Exploits0References33
Positive Technologies
Positive Technologies
added 2021/05/22 12:0 a.m.8 views

PT-2024-11148 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition in the Linux kernel's ipc/mqueue, msg, and sem components can cause a crash when a do mq timedreceive call returns and leaves do mq timedsend to rely on an invalid...

9.1CVSS6.5AI score0.02701EPSS
Exploits7References1574
vulnersOsv
vulnersOsv
added 2020/06/20 12:38 p.m.6 views

node-wakeup (=0.1.0) potentially affected by CVE-2020-7684 via rollup-plugin-serve-favicon (=0.4.7)

rollup-plugin-serve-favicon NPM version =0.4.7 is affected by a known vulnerability. The following packages have a transitive dependency on rollup-plugin-serve-favicon and may be impacted: - node-wakeup =0.1.0 Source cves: CVE-2020-7684 Source advisory: SNYK:JS-ROLLUPPLUGINSERVEFAVICON-585950...

9.8CVSS7.2AI score0.01474EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/02/25 12:0 a.m.8 views

The vulnerability of the __sleep and __wakeup functions in the Symfony software development and management platform allows attackers to compromise data integrity.

The vulnerability of the sleep and wakeup functions in the Symfony software platform for web application development and management involves the restoration of unreliable information in memory. Exploiting this vulnerability can allow an attacker to compromise data integrity...

7.5CVSS7.1AI score0.02302EPSS
Exploits0References13Affected Software3
RedHat Linux
RedHat Linux
added 2019/10/29 12:59 p.m.16 views

kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results

If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmfwowlndresults function. This vulnerability can be exploited by compromised...

8.3CVSS7.4AI score0.03844EPSS
Exploits1References7
CNVD
CNVD
added 2018/03/20 12:0 a.m.4 views

Google Android Qualcomm WLAN Information Disclosure Vulnerability (CNVD-2018-05989)

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with Qualcomm WLAN being one of the components used. Qualcomm WLAN is a wireless LAN component developed by Qualco...

7.5CVSS6.2AI score0.00542EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/30 12:0 a.m.4 views

Abbott Laboratories Multiple Pacemaker Products Access Count Limit Vulnerability

Accent, Anthem, Accent MRI, Assurity, Allure and Assurity MRI are implantable medical devices from Abbott Laboratories USA. The access limit vulnerability exists in several Abbott Laboratories pacemaker products, where the pacemaker does not limit or restricts the number of properly formatted "RF...

6.5CVSS6.9AI score0.00655EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.8 views

The vulnerability of the __wakeup modification in PHP interpreters allows a attacker to trigger a service failure or exert other effects.

The vulnerability of the wakeup modification in PHP interpreters relates to the use of memory after it is released. Exploiting this vulnerability can allow a remote attacker to cause service failures or other effects through specially crafted data, as demonstrated in the exception...

7.5CVSS7.5AI score0.03864EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.7 views

The vulnerability of the CURLFile service implementation in the ext/curl/curl_file.c file of the PHP interpreter allows a attacker to cause a service failure or exert other effects.

The vulnerability of the CURLFile service implementation in the ext/curl/curlfile.c file of the PHP interpreter relates to the use of memory after it is freed. Exploiting this vulnerability may allow a malicious actor, operating remotely, to cause service failures or other effects through special...

7.5CVSS7.4AI score0.05363EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2017/01/04 8:59 p.m.4 views

UBUNTU-CVE-2016-9138

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::toString with DateInterval::wakeup...

9.8CVSS7.2AI score0.03864EPSS
Exploits0References5
OSV
OSV
added 2017/01/04 12:0 a.m.5 views

UBUNTU-CVE-2016-9137

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curlfile.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during wakeup processing...

9.8CVSS7.2AI score0.05363EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.6 views

php: bypass __wakeup() in deserialization of an unexpected object

ext/standard/varunserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a 1 destruct call or 2 magic method call...

9.8CVSS7.3AI score0.16482EPSS
Exploits2References4
CNVD
CNVD
added 2016/09/07 12:0 a.m.5 views

PHP '__wakeup()' Remote Command Execution Vulnerability

PHP is an open source general-purpose computer scripting language. A remote command execution vulnerability exists in PHP 'wakeup', which allows an attacker to exploit the vulnerability to execute arbitrary code within the context of a user's affected application, or a failed attack would result ...

9.8CVSS8.9AI score0.16482EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.11 views

The vulnerability of the PHP interpreter, which allows a remote attacker to execute arbitrary code

The vulnerability of the PHP interpreter in the processnesteddata function ext/standard/varunserializer.re lies in the use of memory after it is freed. As a result of exploiting this vulnerability, a malicious actor who operates remotely can execute arbitrary code through a specially crafted...

7.5CVSS7.2AI score0.12219EPSS
Exploits5References3Affected Software1
OSV
OSV
added 2015/03/30 12:0 a.m.7 views

UBUNTU-CVE-2015-2787

Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an...

7.5CVSS7.1AI score0.12219EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2014/08/27 2:1 p.m.3 views

Kernel: net: mac80211: crash dues to AP powersave TX vs. wakeup race

A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system...

7.1CVSS6.4AI score0.04354EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/07/29 3:51 p.m.4 views

Kernel: net: mac80211: crash dues to AP powersave TX vs. wakeup race

A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system...

7.1CVSS6.4AI score0.04354EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/05/27 4:25 p.m.3 views

Kernel: net: mac80211: crash dues to AP powersave TX vs. wakeup race

A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system...

7.1CVSS6.4AI score0.04354EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2014/04/24 12:0 a.m.66 views

kernel security, bug fix, and enhancement update

kernel 2.6.18-371.8.1 - virt HID: memory corruption flaw drivers/usb/input/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - virt HID: memory corruption flaw in drivers/hv/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - scsi lpfc: Fix task management commands having a fixed...

7.8CVSS0.4AI score0.03336EPSS
Exploits1
rdot
rdot
added 2010/12/02 12:0 a.m.19 views

Магические методы, сериализация, инъекции в сессию и все-все-все

==-1== Введение Изначально писал для себя, как небольшой сборник полезных идей, в итоге вылилось вот в такую статью. Особого опыта в написании публикаций у меня нет, так что ногами не пинать, я старался Перед переходом к практическим примерам рассмотрим теоретически основы используемых функций...

7.6AI score
Exploits0
Rows per page
Query Builder