Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

H410C Security Vulnerabilities - 2023

cve
cve

CVE-2022-48502

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.

7.1CVSS

7AI Score

0.001EPSS

2023-05-31 08:15 PM
66
cve
cve

CVE-2023-1295

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622...

7.8CVSS

6.5AI Score

0.0004EPSS

2023-06-28 12:15 PM
28
cve
cve

CVE-2023-1838

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.

7.1CVSS

6.4AI Score

0.0004EPSS

2023-04-05 07:15 PM
88
cve
cve

CVE-2023-1989

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

7CVSS

6.9AI Score

0.0004EPSS

2023-04-11 09:15 PM
119
2
cve
cve

CVE-2023-28466

do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).

7CVSS

6.9AI Score

0.0004EPSS

2023-03-16 12:15 AM
131
cve
cve

CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage th...

7.5CVSS

7.5AI Score

0.006EPSS

2023-07-24 04:15 PM
46
cve
cve

CVE-2023-3390

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local at...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-06-28 09:15 PM
291
cve
cve

CVE-2023-35001

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

7.8CVSS

8AI Score

0.0005EPSS

2023-07-05 07:15 PM
316
cve
cve

CVE-2023-35826

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.

7CVSS

6.5AI Score

0.0004EPSS

2023-06-18 10:15 PM
32
cve
cve

CVE-2023-35828

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

7CVSS

7.1AI Score

0.0004EPSS

2023-06-18 10:15 PM
67