In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below:...
6.4AI Score
0.0004EPSS
CVE-2023-52738 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini Currently amdgpu calls drm_sched_fini() from the fence driver sw fini routine - such function is expected to be called only after the respective init function -...
6.7AI Score
0.0004EPSS
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration (The celery provider is the only community provider...
4.3CVSS
6.7AI Score
0.0005EPSS
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC...
6.8CVSS
6.9AI Score
0.0004EPSS
CVE-2024-27412 power: supply: bq27xxx-i2c: Do not free non existing IRQ
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx-i2c: Do not free non existing IRQ The bq27xxx i2c-client may not have an IRQ, in which case client->irq will be 0. bq27xxx_battery_i2c_probe() already has an if (client->irq) check wrapping the...
6.7AI Score
0.0004EPSS
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and...
8.8CVSS
7.1AI Score
0.002EPSS
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC...
6.8CVSS
6.8AI Score
0.0004EPSS
CVE-2024-35884 udp: do not accept non-tunnel GSO skbs landing in a tunnel
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...
6.6AI Score
0.0004EPSS
CVE-2023-52738 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini Currently amdgpu calls drm_sched_fini() from the fence driver sw fini routine - such function is expected to be called only after the respective init function -...
6.3AI Score
0.0004EPSS
[Security flaw in WI-FI reset settings]
In factoryReset of WifiServiceImpl.java, there is a possible way to preserve WiFi settings due to a logic error in the code. This could lead to local non-security issues across resets with no additional execution privileges needed. User interaction is not needed for...
6.4AI Score
EPSS
CVE-2024-27412 power: supply: bq27xxx-i2c: Do not free non existing IRQ
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx-i2c: Do not free non existing IRQ The bq27xxx i2c-client may not have an IRQ, in which case client->irq will be 0. bq27xxx_battery_i2c_probe() already has an if (client->irq) check wrapping the...
6.4AI Score
0.0004EPSS
Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary...
7.5AI Score
0.0004EPSS
github.com/golang-fips/openssl and github.com/microsoft/go-crypto-openssl are vulnerable to Memory Leak. The vulnerability is due to the mishandling of non-compliant RSA keys during encryption and verification, leading to a gradual depletion of available memory, which can result in a system...
7.5CVSS
6.5AI Score
0.0005EPSS
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for...
6.8AI Score
0.0004EPSS
CVE-2024-36953 KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid,...
7.4AI Score
0.0004EPSS
Qi Addons For Elementor < 1.7.3 - Authenticated (Contributor+) Local File Inclusion
Description The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.7.2 via the 'behavior' attributes found in the qi_addons_for_elementor_blog_list shortcode. This makes it possible for authenticated attackers, with...
7.5CVSS
7.2AI Score
0.001EPSS
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to...
4.3CVSS
6.6AI Score
0.0004EPSS
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration (The celery provider is the only community provider...
4.3CVSS
6.7AI Score
0.0005EPSS
Authentication bypass in github.com/hashicorp/vault
The TLS certificate authentication method incorrectly validates client certificates when configured with a non-CA certificate as a trusted certificate. When configured this way, attackers may be able to craft a certificate that can be used to bypass...
8.1CVSS
7.2AI Score
0.0004EPSS
silverstripe/framework is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper validation allowing users to specify a non-URL malicious script as the redirection path, which executes within the browser when the URL is...
6.5AI Score
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The expose_config option is False by default. It is recommended to upgrade to a....
4.3CVSS
6.5AI Score
0.0005EPSS
On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports...
5.3CVSS
5.2AI Score
0.001EPSS
An update is available for dhcp, bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the...
7.5CVSS
7.8AI Score
0.05EPSS
TYPO3 Information Disclosure in Install Tool
The Install Tool exposes the current TYPO3 version number to non-authenticated...
7AI Score
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
8.8CVSS
9.4AI Score
0.001EPSS
Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary...
7.5AI Score
0.0004EPSS
F5 Networks BIG-IP : BIG-IP HTTP non-RFC-compliant security exposure (K11342432)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 15.1.7 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K11342432 advisory. This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a...
7.3AI Score
TYPO3 Information Disclosure in Install Tool
The Install Tool exposes the current TYPO3 version number to non-authenticated...
7AI Score
Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in...
5.5CVSS
6.6AI Score
0.001EPSS
Org.apache.zookeeper: zookeeper is vulnerable to authorization bypass. This vulnerability exists due to improper implementation of a User-Controlled Key for user authentication, allowing an attacker to gain access to the system and perform unauthorized actions. Note that this vulnerability is only....
9.1CVSS
9.1AI Score
0.004EPSS
silverstripe/framework is vulnerable to user ID Enumeration. The vulnerability is due to differing error messages: non-existent users do not receive a locked out message, which allows an attacker to infer or confirm user details that exist in the member...
6.9AI Score
Intel Active Management - Authentication Bypass
Intel Active Management platforms are susceptible to authentication bypass. A non-privileged network attacker can gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability. A non-privileged local attacker can provision....
9.8CVSS
7.1AI Score
0.974EPSS
github.com/dnscrypt/dnscrypt-proxy is vulnerable to Privilege escalation. The vulnerability is caused by insecure file permissions on the dnscrypt-proxy executable, which allows non-privileged users to overwrite it with malicious code, leading to potential privilege escalation to root when the...
7.4AI Score
0.0004EPSS
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...
7.5CVSS
7.2AI Score
0.0004EPSS
Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): jinja2: accepts keys containing non-attribute characters...
5.4CVSS
6.8AI Score
0.0004EPSS
Zabbix - SAML SSO Authentication Bypass
When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor because a user login stored in the session was not...
9.8CVSS
9.4AI Score
0.97EPSS
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
8.8CVSS
8.6AI Score
0.001EPSS
Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): jinja2: accepts keys containing non-attribute characters...
5.4CVSS
7.3AI Score
0.0004EPSS
tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. --delim, --buf-size, --manpath) are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All...
4.8CVSS
5.4AI Score
0.0004EPSS
CVE-2024-35789 wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can cause use-after-free.....
7.4AI Score
0.0004EPSS
CVE-2024-26692 smb: Fix regression in writes when non-standard maximum write size negotiated
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value which is not a...
6.7AI Score
0.0004EPSS
Mattermost vulnerable to denial of service via large number of emoji reactions
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the...
4.3CVSS
4.3AI Score
0.0005EPSS
Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): jinja2: accepts keys containing non-attribute characters...
5.4CVSS
7AI Score
0.0004EPSS
In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact configuration is not shown in the UI by default (only if [webserver] expose_config is set to non-sensitive-only), and not all uncensored values are...
6.5CVSS
7AI Score
0.001EPSS
CVE-2023-5680 Cleaning an ECS-enabled cache may cause excessive CPU load
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...
5.3CVSS
5.4AI Score
0.0005EPSS
A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...
7.5CVSS
7.8AI Score
0.001EPSS
Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid...
7.5CVSS
6.9AI Score
0.001EPSS
CVE-2024-35789 wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can cause use-after-free.....
6.8AI Score
0.0004EPSS
CVE-2021-47172 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7AI Score
0.0004EPSS
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post and to.....
4.3CVSS
4.3AI Score
0.0005EPSS