📦 H500e Firmware

A memory leak vulnerability in the Linux kernel's ICMPv6 implementation allows remote attackers to cause denial-of-service by sending crafted ICMPv6 packets (types 130 or 131), leading to system memor...

CVE-2021-42377 is a critical vulnerability in BusyBox's hush shell applet where an attacker-controlled pointer free leads to denial of service and potential remote code execution when processing a cra...

This CVE describes a use-after-free vulnerability in the GNU C Library (glibc) mq_notify function affecting versions 2.32 and 2.33. Attackers could exploit this to cause denial of service (application...

CVE-2022-1882 is a use-after-free vulnerability in the Linux kernel's pipes functionality that allows a local user to crash the system or potentially escalate privileges. This affects Linux systems wi...

A use-after-free vulnerability in the Linux kernel's NFC Marvell driver allows attackers to potentially execute arbitrary code or cause denial of service. This affects Linux systems with the nfcmrvl d...

A local privilege escalation vulnerability in the Linux kernel's net/sched subsystem allows attackers with local access to gain root privileges. This affects Linux kernel versions 4.14 through 5.17. T...

CVE-2022-1679 is a use-after-free vulnerability in the Linux kernel's Atheros wireless adapter driver (ath9k_htc). It allows a local attacker to crash the system or potentially escalate privileges by ...

CVE-2022-1292 is a command injection vulnerability in the c_rehash script distributed with OpenSSL. It allows attackers to execute arbitrary commands with script privileges when the script processes u...

A memory leak vulnerability in OpenSSL's OPENSSL_LH_flush() function causes unbounded memory growth when processing certificates or keys. This affects long-lived processes like TLS clients/servers usi...

A use-after-free vulnerability in the Linux kernel's sound subsystem allows local attackers to trigger race conditions in ALSA PCM ioctl operations. This can lead to system crashes or potential privil...

A local privilege escalation vulnerability in the Linux kernel's pfkey_register function allows unprivileged local users to access kernel memory. This can lead to system crashes or information disclos...

CVE-2022-29156 is a double-free vulnerability in the Linux kernel's RDMA Transport (RTRS) client driver that could allow local attackers to cause a kernel panic or potentially execute arbitrary code. ...

This vulnerability in the Linux kernel's SUNRPC subsystem allows a use-after-free condition when freeing transport structures before sockets are properly closed. Attackers could potentially exploit th...

CVE-2022-28796 is a use-after-free vulnerability in the Linux kernel's jbd2 journaling subsystem caused by a transaction_t race condition. This allows local attackers to potentially escalate privilege...

CVE-2022-1055 is a use-after-free vulnerability in the Linux kernel's tc_new_tfilter function that allows local attackers to escalate privileges. The exploit requires unprivileged user namespaces to b...

A memory access vulnerability in the Linux kernel's i915 GPU driver allows local attackers to execute malicious GPU code, potentially causing system crashes or privilege escalation. This affects Linux...

This vulnerability in the Linux kernel's BPF subsystem allows a local user to trigger an out-of-bounds memory write via the BPF_BTF_LOAD command. This can lead to system crashes or privilege escalatio...

CVE-2022-0995 is an out-of-bounds write vulnerability in the Linux kernel's watch_queue subsystem that allows a local attacker to overwrite kernel memory. This can lead to privilege escalation or deni...

This vulnerability is an out-of-bounds memory write flaw in the Linux kernel's NFS subsystem, specifically affecting mirroring/replication functionality. It allows authenticated users with NFS mount a...

CVE-2022-0635 is a denial-of-service vulnerability in BIND 9.18.0 where specific DNS queries can trigger an assertion failure, causing the named process to terminate. This affects organizations runnin...

CVE-2022-27666 is a heap buffer overflow vulnerability in the Linux kernel's IPsec ESP transformation code. It allows local attackers with standard user privileges to overwrite kernel heap objects, po...

CVE-2022-0667 is a denial-of-service vulnerability in BIND 9.18.0 where specially crafted queries cause the BIND process to exit, disrupting DNS services. This affects organizations running BIND 9.18....

A use-after-free vulnerability in the Linux kernel's FUSE filesystem allows a local attacker to trigger write() operations that can lead to unauthorized data access and privilege escalation. This affe...

This vulnerability allows a malicious USB device host to manipulate endpoint indexes in the Linux kernel's Xilinx USB gadget driver, leading to out-of-bounds array access. It affects Linux systems usi...

CVE-2022-0847 (Dirty Pipe) is a Linux kernel vulnerability that allows unprivileged local users to write to read-only files in the page cache, enabling privilege escalation to root. This affects Linux...

A local privilege escalation vulnerability in the KVM subsystem for s390 architecture in Linux kernel allows a local attacker with normal user privileges to gain unauthorized memory write access. This...

A NULL pointer dereference vulnerability in the Linux kernel's Btrfs filesystem allows local attackers with CAP_SYS_ADMIN privileges to crash the system or leak kernel memory information. This affects...

This CVE describes a buffer overflow vulnerability in the Linux kernel's NFC driver (st21nfca). Attackers can exploit this by sending specially crafted NFC connectivity events with untrusted length pa...

This CVE describes a use-after-free vulnerability in the Linux kernel's Bluetooth HCI subsystem. A privileged local attacker can trigger a race condition to crash the system or potentially escalate pr...

CVE-2021-3609 is a race condition vulnerability in the Linux kernel's CAN BCM networking protocol that allows local attackers to corrupt memory and potentially escalate privileges to root. This affect...

CVE-2022-23308 is a use-after-free vulnerability in libxml2's validation component that allows attackers to potentially execute arbitrary code or cause denial of service. It affects applications that ...

This CVE describes a use-after-free vulnerability in the Linux kernel's MCTP subsystem that occurs when cancel_work_sync is triggered after unregister_netdev during device removal. A local attacker co...

This Linux kernel vulnerability allows remote attackers to bypass UDP source port randomization by exploiting flaws in ICMP error processing. Attackers can scan open UDP ports more effectively, compro...

A use-after-free vulnerability in the Linux kernel's Bluetooth subsystem allows local attackers to crash the system or potentially escalate privileges through a race condition when connecting and disc...

CVE-2021-3760 is a use-after-free vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem. This flaw allows local attackers to potentially execute arbitrary code, escalate privile...

CVE-2022-0185 is a heap-based buffer overflow vulnerability in the Linux kernel's Filesystem Context API legacy handling. It allows a local attacker to escalate privileges to root, potentially gaining...

CVE-2022-24122 is a use-after-free vulnerability in the Linux kernel's ucount.c that allows privilege escalation when unprivileged user namespaces are enabled. A ucounts object can outlive its namespa...

This vulnerability allows local attackers with low-privileged access to escalate privileges to kernel-level execution through improper eBPF program validation in Linux Kernel 5.14-rc3. Attackers can e...

A race condition vulnerability in the Linux kernel's Unix domain socket garbage collection allows local users to trigger a read-after-free memory flaw. This can lead to system crashes or privilege esc...

This vulnerability in the Linux kernel's BPF verifier allows local users to perform privilege escalation through pointer arithmetic with certain *_OR_NULL pointer types. It affects Linux kernel versio...

This vulnerability allows an attacker to trigger an out-of-bounds memory access in the Linux kernel's F2FS filesystem when processing extended attributes. It affects Linux systems using F2FS filesyste...

This CVE describes a use-after-free vulnerability in the TEE subsystem of the Linux kernel caused by a race condition in tee_shm_get_from_id. Attackers could potentially exploit this to execute arbitr...

The ksmbd SMB server in Linux kernels up to 5.15.8 incorrectly sets encryption flags when using SMB 3.1.1, causing Windows 10 clients to disable encryption and forcing communication in cleartext. This...