| Page(s) : 1 ... 13 14 15 16 17 18 19 20 21 22 [23] 24 25 26 27 28 29 30 31 32 33 ... | Result(s) : 82759 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2024-02-22 | CVE-2024-26589 | cve | In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only use... |
| 7.8 | 2024-02-22 | CVE-2024-26592 | cve | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection... |
| 7.5 | 2024-02-22 | CVE-2024-1104 | cve | An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb the webservice for all users. |
| 7.7 | 2024-02-22 | CVE-2024-0410 | cve | An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass ... |
| 8.7 | 2024-02-22 | CVE-2024-1451 | cve | An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload added to the user profile page could lead to a stored XS... |
| 7.8 | 2024-02-21 | CVE-2024-26582 | cve | In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_sg doesn't take a refere... |
| 7.5 | 2024-02-21 | CVE-2022-45177 | cve | An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, ... |
| 8.4 | 2024-02-21 | CVE-2024-1708 | cve | ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact conf... |
| 7.8 | 2024-02-21 | CVE-2023-52440 | cve | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than ... |
| 7.8 | 2024-02-21 | CVE-2023-52441 | cve | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in init_smb2_rsp_hdr() If client send smb2 negotiate request and then send smb1 ne... |
| 7.8 | 2024-02-20 | CVE-2023-52436 | cve | In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr l... |
| 7.8 | 2024-02-20 | CVE-2023-52438 | cve | In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's... |
| 7.8 | 2024-02-20 | CVE-2023-52439 | cve | In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------... |
| 8 | 2024-02-20 | CVE-2023-52434 | cve | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing ... |
| 8.1 | 2024-02-20 | CVE-2024-24793 | cve | A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature free... |
| 8.1 | 2024-02-20 | CVE-2024-24794 | cve | A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature free... |
| 7.8 | 2024-02-20 | CVE-2024-26581 | cve | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end ... |
| 7.5 | 2024-02-20 | CVE-2024-1647 | cve | Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content ente... |
| 7.5 | 2024-02-20 | CVE-2024-1648 | cve | electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content e... |
| 7.2 | 2024-02-20 | CVE-2023-6398 | cve | A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware ve... |
| Page(s) : 1 ... 13 14 15 16 17 18 19 20 21 22 [23] 24 25 26 27 28 29 30 31 32 33 ... | Result(s) : 82759 |
