Vulnerabilities > Exposure of Resource to Wrong Sphere
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-27 | CVE-2021-46921 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. | 5.5 |
2024-02-27 | CVE-2021-46923 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took when we built it. | 5.5 |
2024-02-27 | CVE-2021-46935 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: binder: fix async_free_space accounting for empty parcels In 4.13, commit 74310e06be4d ("android: binder: Move buffer out of area shared with user space") fixed a kernel structure visibility issue. | 5.5 |
2024-02-27 | CVE-2021-46937 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'target_ids' file write callback ('dbgfs_target_ids_write()'), but decreases the counts only in DAMON monitoring termination callback ('dbgfs_before_terminate()'). Therefore, when 'target_ids' file is repeatedly written without DAMON monitoring start/termination, the reference count is not decreased and therefore memory for the 'struct pid' cannot be freed. | 5.5 |
2024-02-27 | CVE-2021-46917 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. | 5.5 |
2024-02-26 | CVE-2021-46906 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. | 5.5 |
2024-02-05 | CVE-2023-7014 | Exposure of Resource to Wrong Sphere vulnerability in Amitzy Molongui Authorship The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. | 7.5 |
2024-02-02 | CVE-2023-50328 | Exposure of Resource to Wrong Sphere vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. | 5.3 |
2024-01-31 | CVE-2024-21626 | Exposure of Resource to Wrong Sphere vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 8.6 |
2024-01-29 | CVE-2023-7204 | Exposure of Resource to Wrong Sphere vulnerability in Wp-Staging WP Staging The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides | 7.5 |