213680 matches found

Prion
added 2024/02/28 9:15 a.m. • 31 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix port event handling on init For some reason there might be a crash during ports creation if port events are handling at the same time because fw may send initial port event with down state. The crash...

AI score: 6.5, EPSS: 0.0084
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 29 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by one in hdmi14processtransaction The hdcpi2coffsets array did not have an entry for HDCPMESSAGEIDWRITECONTENTSTREAMTYPE so it led to an off by one read overflow. I added an entry and copied the 0x0 valu...

AI score: 6.8, EPSS: 0.00245
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 17 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

AI score: 6.5, EPSS: 0.00241
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 27 views

Code injection

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsmcomingsoonredirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a...

CVSS: 5, AI score: 6.9, EPSS: 0.00465
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 27 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in vmbusopen The "openinfo" variable is added to the &vmbusconnection.chnmsglist, but the error handling frees "openinfo" without removing it from the list. This will result in a use after free...

AI score: 7.1, EPSS: 0.00227
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 26 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

AI score: 6.8, EPSS: 0.00259
Exploits: 0, References: 8

Prion
added 2024/02/28 9:15 a.m. • 28 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix crashes when toggling entry flush barrier The entry flush mitigation can be enabled/disabled at runtime via a debugfs file entryflush, which causes the kernel to patch itself to enable/disable the relevant...

AI score: 6.8, EPSS: 0.00231
Exploits: 0, References: 9

Prion
added 2024/02/28 9:15 a.m. • 17 views

Sql injection

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the eesyncProductCategory function using the parameters conditionData, valueData, productArray, exclude and include in all versions ...

CVSS: 6.5, AI score: 7.6, EPSS: 0.00701
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 18 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...

AI score: 7, EPSS: 0.00267
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 18 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid overflows in nfthashbuckets Number of buckets being stored in 32bit variables, we have to ensure that no overflows occur in nfthashbuckets syzbot injected a size == 0x40000000 and reported: UBSAN:...

AI score: 6.9, EPSS: 0.0026
Exploits: 0, References: 7

Prion
added 2024/02/28 9:15 a.m. • 24 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hcidev-lock and socket lock Commit eab2404ba798 "Bluetooth: Add BTPHY socket option" added a dependency between socket lock and hcidev-lock that could lead to deadlock. It turns out that...

AI score: 6.6, EPSS: 0.00179
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 20 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted blkmqschedbiomerge gets the ctx and hctx for the current CPU and passes the hctx to -biomerge. kyberbiomerge then gets the ctx for the current CPU again and uses that to get the...

AI score: 6.5, EPSS: 0.00256
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 31 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use objcgroup APIs to charge kmem pages", v5. Since Roman's series "The new cgroup slab memory controller" applied. All slab objects are charged with t...

AI score: 6.8, EPSS: 0.00239
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 23 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmetrdmaerrorcomp which tried accessing the...

AI score: 6.5, EPSS: 0.00236
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 23 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b "vsock/virtio: free packets during the socket...

AI score: 6.7, EPSS: 0.0025
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 26 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dclinkconstruct: unreferenced object 0xffffa03e81471400 size 1024: comm "amdmoduleload", pid 2486, jiffies 4294946026 age 10.544s hex dump first 32...

AI score: 6.5, EPSS: 0.00205
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 21 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siwallocmr Our code analyzer reported a UAF. In siwallocmr, it calls siwmraddmemmr,... In the implementation of siwmraddmem, mem is assigned to mr-mem and then mem is freed via kfreemem if...

AI score: 7.1, EPSS: 0.00268
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 27 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...

AI score: 7, EPSS: 0.00208
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 32 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: mcp251xfdprobe: fix an error pointer dereference in probe When we converted this code to use deverrprobe we accidentally removed a return. It means that if devmclkget it will lead to an Oops when we call clkgetrat...

AI score: 6.8, EPSS: 0.00205
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 16 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcpsetdefaultcongestioncontrol is netns-safe in that it writes to &net-ipv4.tcpcongestioncontrol, but it also sets ca-flags |= TCPCONGNONRESTRICTED which is...

AI score: 6.9, EPSS: 0.00257
Exploits: 0, References: 6

Prion
added 2024/02/28 9:15 a.m. • 32 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix resume from sleep before interface was brought up Since 8ce8c0abcba3 the driver queues work via priv-restartwork when resuming after suspend, even when the interface was not previously enabled. This causes a nul...

AI score: 6.6, EPSS: 0.00235
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 28 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

AI score: 6.3, EPSS: 0.0025
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 17 views

Design/Logic Flaw

The Page Duplicator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the duplicatedatpage function in all versions up to, and including, 0.1.1. This makes it possible for unauthenticated attackers to duplicate arbitrary posts and pages...

CVSS: 5, AI score: 5.2, EPSS: 0.00422
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 14 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pmruntimegetsync fails In i2cimxxfer and i2cimxremove, the pm reference count is not expected to be incremented on return. However, pmruntimegetsync will increment pm reference count even failed...

AI score: 6.6, EPSS: 0.00222
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 12 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions cdnsi2cmasterxfer and cdnsregslave. However, pmruntimegetsync will increment pm usage...

AI score: 6.6, EPSS: 0.00225
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 23 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmpqspiexecop When handling op-addr, it is using the buffer "tmpbuf" which has been freed. This will trigger a use-after-free KASAN warning. Let's use temporary variables to store...

AI score: 6.9, EPSS: 0.00238
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 21 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix a use after free in ath10khtcsendbundle In ath10khtcsendbundle, the bundleskb could be freed by devkfreeskbanybundleskb. But the bundleskb is used later by bundleskb-len. As skblen = bundleskb-len, my patch replaces...

AI score: 6.8, EPSS: 0.00238
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 21 views

Design/Logic Flaw

The WP eCommerce plugin for WordPress is vulnerable to unauthorized arbitrary post creation due to a missing capability check on the checkforsaaspush function in all versions up to, and including, 3.15.1. This makes it possible for unauthenticated attackers to create arbitrary posts with arbitrar...

CVSS: 5, AI score: 5.2, EPSS: 0.00422
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 16 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in functions imgi2cxfer and imgi2cinit. However, pmruntimegetsync will increment the PM reference cou...

AI score: 6.6, EPSS: 0.00227
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 22 views

Information disclosure

The WP Private Content Plus plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 3.6. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated...

CVSS: 5, AI score: 6.6, EPSS: 0.00603
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 14 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "removepath" that eventually calls rtrscltremovepathfromsysfs function. The current...

AI score: 6.9, EPSS: 0.00238
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 16 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

AI score: 7, EPSS: 0.00221
Exploits: 0, References: 6

Prion
added 2024/02/28 9:15 a.m. • 12 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd and thus enabling more RPC Calls to be sent /before/ rpcrdmapostrecvs can post enough Receive WRs to receive their replies. This causes a...

AI score: 7, EPSS: 0.00285
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 26 views

Design/Logic Flaw

The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages when maintenance mo...

CVSS: 5, AI score: 5.1, EPSS: 0.00479
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 24 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Fix the definition of the fixmap area At the time being, the fixmap area is defined at the top of the address space or just below KASAN. This definition is not valid for PPC64. For PPC64, use the top of the I/O space...

AI score: 6.7, EPSS: 0.00239
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 25 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix a memleak from userdata error path in new objects Release object name if userdata allocation fails...

AI score: 6.7, EPSS: 0.00246
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 34 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix memleak when mt7915unregisterdevice mt7915txtokenput should get call before mt76freependingtxwi...

AI score: 6.8, EPSS: 0.00235
Exploits: 0, References: 3

Prion
added 2024/02/28 9:15 a.m. • 39 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dmamapsingle fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dmaaddrt width to 44-bit to avoid using a swiotlb mapping. In addition, if dmamapsingle fails...

AI score: 6.7, EPSS: 0.00239
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 18 views

Race condition

In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevent corruption in shrinking truncate I believe there are some issues introduced by commit 31651c607151 "hfsplus: avoid deadlock on file truncation" HFS+ has extent records which always contains 8 extents. In case the...

AI score: 7.1, EPSS: 0.0024
Exploits: 0, References: 6

Prion
added 2024/02/28 9:15 a.m. • 41 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: fix clock handling logic Video engine uses eclk and vclk for its clock sources and its reset control is coupled with eclk so the current clock enabling sequence works like below. Enable eclk De-assert Video Engine...

AI score: 6.5, EPSS: 0.00222
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 22 views

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40eclientsubtask Currently the call to i40eclientdelinstance frees the object pf-cinst, however pf-cinst-laninfo is being accessed after the free. Fix this by adding the missing return...

AI score: 6.7, EPSS: 0.00239
Exploits: 0, References: 6

Prion
added 2024/02/28 9:15 a.m. • 26 views

Cross site request forgery (csrf)

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxunsetdefaultcard' function. This makes it possible for unauthenticated attackers to remove...

CVSS: 4.3, AI score: 4.3, EPSS: 0.00275
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 34 views

Design/Logic Flaw

The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acxcsmasubscribeajax' function. This can allow authenticated attackers to extract sensitive data such as names and email...

CVSS: 4, AI score: 4.5, EPSS: 0.00494
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 16 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented on return in sprdi2cmasterxfer and sprdi2cremove. However, pmruntimegetsync will increment the PM reference count...

AI score: 6.6, EPSS: 0.00228
Exploits: 0, References: 5

Prion
added 2024/02/28 9:15 a.m. • 26 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svcrqstfree When allocpagesnode returns null in svcrqstalloc, the null rqscratchpage pointer will be dereferenced when calling putpage in svcrqstfree. Fix it by adding a null check...

AI score: 6.7, EPSS: 0.00236
Exploits: 0, References: 3

Prion
added 2024/02/28 9:15 a.m. • 22 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If the MSR holds a different value per logical CPU, the WRMSR could corrupt the host's value if KVM is...

AI score: 6.7, EPSS: 0.00232
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 15 views

Race condition

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix race condition of overwrite vs truncate posfsstress testcase complains a panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/compress.c:1082! invalid opcode: 0000 1 SMP PTI CPU: 4 PID:...

AI score: 6.9, EPSS: 0.00179
Exploits: 0, References: 4

Prion
added 2024/02/28 9:15 a.m. • 18 views

Design/Logic Flaw

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templatesajaxrequest function in all versions up to, and including, 1.4.4. This makes it possible for subscribers and higher to...

CVSS: 4, AI score: 6.9, EPSS: 0.00457
Exploits: 0, References: 2

Prion
added 2024/02/28 9:15 a.m. • 26 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Make sure GHCB is mapped before updating Access to the GHCB is mainly in the VMGEXIT path and it is known that the GHCB will be mapped. But there are two paths where it is possible the GHCB might not be mapped. The...

AI score: 6.6, EPSS: 0.00236
Exploits: 0, References: 3

Prion
added 2024/02/28 9:15 a.m. • 25 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76connacmcuuniadddev routine. 507.984882 ------------ cut here ------------ 507.989515 WARNING: CPU: 1 PID...

AI score: 6.6, EPSS: 0.00246
Exploits: 0, References: 2

Total number of security vulnerabilities: 213680