Lucene search

216 matches found

OSV
added 2025/02/26 1:54 a.m., 7 views

CVE-2022-49052 mm: fix unexpected zeroed page mapping with zram swap

In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed page mapping with zram swap Two processes under CLONE_VM cloning, user process can be corrupted by seeing zeroed page unexpectedly. CPU A CPU B do_swap_page do_swap_page SWP_SYNCHRONOUS_IO path SWP_SYNCHRONOUS_IO...

CVSS 5.5, AI score 4.8, EPSS 0.00274
Exploits: 0, References: 9

OSV
added 2025/02/21 1:37 p.m., 6 views

OESA-2025-1167 etcd security update

Security Fixes: A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes...

CVSS 6.5, AI score 6.8, EPSS 0.00297
Exploits: 0, References: 2

OSV
added 2025/02/14 12:12 p.m., 6 views

OESA-2025-1124 etcd security update

Security Fixes: A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes...

CVSS 6.5, AI score 6.8, EPSS 0.00297
Exploits: 0, References: 2

SUSE CVE
added 2025/02/14 5:36 a.m., 5 views

SUSE CVE-2024-9355

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 7.1, EPSS 0.00297
Exploits: 0, References: 11

OSV
added 2025/01/19 12:15 p.m., 0 views

DEBIAN-CVE-2024-57911

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

CVSS 7.1, AI score 5.9, EPSS 0.00214
Exploits: 0, References: 1

OSV
added 2025/01/19 12:15 p.m., 5 views

AZL-56235 CVE-2024-57911 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

CVSS 7.1, AI score 6.7, EPSS 0.00214
Exploits: 0, References: 1

Vulnrichment
added 2025/01/19 11:52 a.m., 1 views

CVE-2024-57911 iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

AI score 5.9, EPSS 0.00214
Exploits: 0, References: 7

RedHat Linux
added 2024/12/19 12:58 a.m., 3 views

kernel: nfsd: ensure that nfsd4_fattr_args.context is zeroed out

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

CVSS 5.5, AI score 6.7, EPSS 0.00188
Exploits: 0, References: 5

Microsoft CVE
added 2024/12/07 8:0 a.m., 4 views

Golang-fips: golang fips zeroed buffer

...

CVSS 6.5, AI score 6.8, EPSS 0.00297
Exploits: 0

Tenable Nessus
added 2024/11/25 12:0 a.m., 11 views

RHEL 7 : rhc-worker-script (RHSA-2024:10133)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:10133 advisory. Remote Host Configuration rhc worker for executing scripts on hosts managed by Red Hat Insights. Security Fixes: net/http: Denial of servic...

CVSS 7.5, AI score 7.9, EPSS 0.01414
Exploits: 0, References: 7

RedHat Linux
added 2024/11/21 1:11 a.m., 2 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 5.8, EPSS 0.00297
Exploits: 0, References: 5

RedHat Linux
added 2024/11/13 2:54 p.m., 13 views

Moderate: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CVSS 6.5, AI score 7, EPSS 0.00297
Exploits: 0, References: 2

RedHat Linux
added 2024/11/13 2:54 p.m., 4 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 5.8, EPSS 0.00297
Exploits: 0, References: 5

Microsoft CVE
added 2024/11/12 8:0 a.m., 3 views

ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()

...

CVSS 5.5, AI score 6.8, EPSS 0.00249
Exploits: 0

OSV
added 2024/11/08 3:56 p.m., 17 views

RLSA-2024:8847 Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 For more details about th...

CVSS 6.5, AI score 7, EPSS 0.00297
Exploits: 0, References: 2

Tenable Nessus
added 2024/11/08 12:0 a.m., 16 views

RockyLinux 9 : grafana (RLSA-2024:8678)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8678 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 Tenable has extracted the precedi...

CVSS 10, AI score 7.8, EPSS 0.01093
Exploits: 2, References: 5

RedHat Linux
added 2024/11/05 3:58 a.m., 7 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 5.8, EPSS 0.00297
Exploits: 0, References: 5

RedHat Linux
added 2024/10/30 7:42 p.m., 6 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 5.8, EPSS 0.00297
Exploits: 0, References: 5

Tenable Nessus
added 2024/10/23 12:0 a.m., 29 views

AlmaLinux 8 : grafana (ALSA-2024:8327)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8327 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 Tenable has extracted the precedin...

CVSS 10, AI score 7.8, EPSS 0.01093
Exploits: 2, References: 3

RedHat Linux
added 2024/10/22 3:15 p.m., 7 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

CVSS 6.5, AI score 5.8, EPSS 0.00297
Exploits: 0, References: 5