CVE-2024-32487
- EPSS 0.26%
- Veröffentlicht 13.04.2024 15:15:52
- Zuletzt bearbeitet 17.06.2025 20:58:12
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untr...
CVE-2023-32250
- EPSS 0.09%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 21.11.2024 08:02:58
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an o...
CVE-2020-12464
- EPSS 0.08%
- Veröffentlicht 29.04.2020 18:15:13
- Zuletzt bearbeitet 21.11.2024 04:59:45
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
CVE-2017-7657
- EPSS 7.64%
- Veröffentlicht 26.06.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:32:23
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow...
CVE-2016-5195
- EPSS 94.18%
- Veröffentlicht 10.11.2016 21:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...