2031
|
7.0 |
HIGH
Local
|
qemu redhat
|
qemu enterprise_linux
|
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, fo…
|
CWE-662
Improper Synchronization
|
CVE-2023-5088
|
2024-09-14 04:15 |
2023-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2032
|
8.8 |
HIGH
Network
|
linux redhat netapp
|
linux_kernel enterprise_linux solidfire_\&_hci_management_node active_iq_unified_manager solidfire_\&_hci_storage_node
|
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious …
|
CWE-416
Use After Free
|
CVE-2023-5178
|
2024-09-14 04:15 |
2023-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2033
|
4.4 |
MEDIUM
Local
|
linux redhat fedoraproject
|
linux_kernel enterprise_linux fedora
|
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw …
|
CWE-125
Out-of-bounds Read
|
CVE-2023-39194
|
2024-09-14 04:15 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2034
|
6.0 |
MEDIUM
Local
|
linux redhat fedoraproject
|
linux_kernel enterprise_linux fedora
|
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an ou…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-39193
|
2024-09-14 04:15 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2035
|
6.0 |
MEDIUM
Local
|
linux redhat fedoraproject
|
linux_kernel enterprise_linux fedora
|
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-39192
|
2024-09-14 04:15 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2036
|
6.0 |
MEDIUM
Local
|
linux redhat fedoraproject
|
linux_kernel enterprise_linux fedora
|
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_N…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-39189
|
2024-09-14 04:15 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2037
|
5.5 |
MEDIUM
Local
|
linux redhat debian
|
linux_kernel enterprise_linux debian_linux
|
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `r…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-42755
|
2024-09-14 04:15 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2038
|
5.5 |
MEDIUM
Local
|
linux redhat fedoraproject
|
linux_kernel enterprise_linux fedora
|
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-42754
|
2024-09-14 04:15 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2039
|
7.8 |
HIGH
Local
|
linux redhat debian
|
linux_kernel enterprise_linux debian_linux
|
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the pr…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-42753
|
2024-09-14 04:15 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2040
|
6.5 |
MEDIUM
Network
|
qemu redhat fedoraproject
|
qemu enterprise_linux fedora
|
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2023-3255
|
2024-09-14 04:15 |
2023-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|