Show filters
961 Total Results
Displaying 21-30 of 961
Sort by:
Attacker Value
Unknown

CVE-2024-11149

Disclosure Date: December 06, 2024 (last updated December 21, 2024)
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
0
0
Attacker Value
Unknown

CVE-2024-11148

Disclosure Date: December 05, 2024 (last updated December 21, 2024)
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
0
0
Attacker Value
Unknown

CVE-2024-10933

Disclosure Date: December 05, 2024 (last updated December 21, 2024)
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.
0
0
Attacker Value
Unknown

CVE-2024-10934

Disclosure Date: November 15, 2024 (last updated November 16, 2024)
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.
0
0
Attacker Value
Unknown

CVE-2024-51566

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
The NVMe driver queue processing is vulernable to guest-induced infinite loops.
0
0
Attacker Value
Unknown

CVE-2024-51565

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
The hda driver is vulnerable to a buffer over-read from a guest-controlled value.
0
0
Attacker Value
Unknown

CVE-2024-51564

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
A guest can trigger an infinite loop in the hda audio driver.
0
0
Attacker Value
Unknown

CVE-2024-51563

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition.
0
0
Attacker Value
Unknown

CVE-2024-51562

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value.
0
0
Attacker Value
Unknown

CVE-2024-45289

Disclosure Date: November 12, 2024 (last updated November 13, 2024)
The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.
0
0
View More Topics  < Previous  Next >