Lucene search

K

Enterprise Linux Server Update Services For Sap Solutions Security Vulnerabilities

cve
cve

CVE-2019-8720

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption...

8.8CVSS

9.3AI Score

0.007EPSS

2023-03-06 11:15 PM
1030
In Wild
cve
cve

CVE-2022-4254

sssd: libsss_certmap fails to sanitise certificate data used in LDAP...

8.8CVSS

8.3AI Score

0.002EPSS

2023-02-01 05:15 PM
196
cve
cve

CVE-2022-2601

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An...

8.6CVSS

8.5AI Score

0.001EPSS

2022-12-14 09:15 PM
518
6
cve
cve

CVE-2022-1227

A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to.....

8.8CVSS

8.3AI Score

0.003EPSS

2022-04-29 04:15 PM
271
5
cve
cve

CVE-2022-27649

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to.....

7.5CVSS

7.2AI Score

0.002EPSS

2022-04-04 08:15 PM
179
3
cve
cve

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges.....

8.8CVSS

8.8AI Score

0.01EPSS

2022-03-25 07:15 PM
366
3
cve
cve

CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the...

7.8CVSS

7.6AI Score

0.0004EPSS

2022-03-25 07:15 PM
321
5
cve
cve

CVE-2022-1011

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-03-18 06:15 PM
371
cve
cve

CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page.....

7.8CVSS

7.7AI Score

0.076EPSS

2022-03-10 05:44 PM
1784
In Wild
4
cve
cve

CVE-2022-0516

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to...

7.8CVSS

7.3AI Score

0.0004EPSS

2022-03-10 05:44 PM
235
2
cve
cve

CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is.....

6.5CVSS

6.9AI Score

0.003EPSS

2022-03-10 05:42 PM
679
6
cve
cve

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a...

8.8CVSS

8.5AI Score

0.0004EPSS

2022-03-04 07:15 PM
246
cve
cve

CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older...

5.5CVSS

6.2AI Score

0.001EPSS

2022-03-04 04:15 PM
157
4
cve
cve

CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to...

7CVSS

7.1AI Score

0.0004EPSS

2022-03-03 07:15 PM
218
cve
cve

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation...

7.8CVSS

7.9AI Score

0.095EPSS

2022-03-03 07:15 PM
463
5
cve
cve

CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result...

7.2CVSS

6.7AI Score

0.001EPSS

2022-02-18 06:15 PM
1237
cve
cve

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege...

8.1CVSS

8AI Score

0.001EPSS

2022-02-18 06:15 PM
668
2
cve
cve

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was...

5.9CVSS

6.6AI Score

0.002EPSS

2022-02-18 06:15 PM
471
cve
cve

CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat....

7.8CVSS

7.3AI Score

0.0004EPSS

2022-02-16 05:15 PM
66
cve
cve

CVE-2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count....

7.8CVSS

7.6AI Score

0.0005EPSS

2022-01-28 08:15 PM
1600
In Wild
7
cve
cve

CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as...

5.6CVSS

5.7AI Score

0.002EPSS

2021-11-23 07:15 PM
392
3
cve
cve

CVE-2020-14301

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the...

6.5CVSS

6.4AI Score

0.001EPSS

2021-05-27 08:15 PM
93
7
cve
cve

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability...

7.5CVSS

8.3AI Score

0.006EPSS

2020-08-07 04:15 PM
2760
In Wild
4
cve
cve

CVE-2019-19906

cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in...

7.5CVSS

7.4AI Score

0.007EPSS

2019-12-19 06:15 PM
253
cve
cve

CVE-2019-15718

In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus...

4.4CVSS

4.7AI Score

0.001EPSS

2019-09-04 12:15 PM
221
cve
cve

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message.....

5.5CVSS

5.3AI Score

0.0004EPSS

2019-03-21 04:01 PM
373
2
cve
cve

CVE-2017-15129

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and....

4.7CVSS

6.3AI Score

0.0004EPSS

2018-01-09 07:29 PM
198
cve
cve

CVE-2015-3214

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid...

5.9AI Score

0.001EPSS

2015-08-31 10:59 AM
111
4
cve
cve

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified...

6.5AI Score

0.003EPSS

2015-08-12 02:59 PM
81
2