Lucene search
+L

169 matches found

Veracode
Veracode
added 2019/05/02 5:20 a.m.34 views

Improper Access Control

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

7.8CVSS6.3AI score0.03646EPSS
Exploits15References40Affected Software1
Veracode
Veracode
added 2019/05/02 5:20 a.m.33 views

Integer Overflow

The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the joinsessionkeyring function. A local, unprivileged us...

7.8CVSS6.2AI score0.03646EPSS
Exploits15References53Affected Software1
Virtuozzo
Virtuozzo
added 2019/04/12 12:0 a.m.15 views

Virtuozzo Linux Errata and Bugfix Advisory 2019:0728

Upstream security update. Follow RHBA-2019:0728 for details...

2.4AI score
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/06 1:48 p.m.63 views

Visual Studio CVE-2019-0728 Remote Code Execution

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Mitigations Microsoft has not...

9.3CVSS4.5AI score0.27705EPSS
Exploits0
CVE
CVE
added 2019/03/06 12:0 a.m.87 views

CVE-2019-0728

CVE-2019-0728 describes a remote code execution vulnerability in Visual Studio Code: if the editor processes environment variables when a project is opened, an attacker could run arbitrary code in the current user context. Exploitation requires user action to clone a repository and open it in VS ...

9.3CVSS8.1AI score0.27705EPSS
Exploits0References4Affected Software1
Circl
Circl
added 2019/02/13 2:35 p.m.10 views

CVE-2019-0728

creationtimestamp| type| source ---|---|--- 2019-02-13 14:35:53+00:00| seen| MISP/5c642a56-2440-4af0-8bfd-6e4a0a021402...

9.3CVSS6.8AI score0.27705EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/12/06 12:0 a.m.33 views

RHEL 6 : rubygem packages (RHSA-2013:0728)

This update fixes one security issue in multiple rubygem packages for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

4.3CVSS8.3AI score0.03622EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:30 a.m.43 views

Security Bulletin: Vulnerability in Linux Kernel affects PowerKVM (CVE-2016-0728)

Summary A Linux Kernel privilege escalation vulnerability affects PowerKVM. Vulnerability Details CVEID: CVE-2016-0728 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the joinsessionkeyring function in...

7.8CVSS2.5AI score0.03646EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 2:9 p.m.39 views

Security Vulnerabilities Addressed in Asset and Service Mgmt

Abstract Security Bulletin: Vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and SmartCloud Control Desk. See Details for CVE IDs. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-0714, CVE-2012-0727, CVE-2012-0728,...

6.8CVSS6.5AI score0.02021EPSS
Exploits0Affected Software13
NVD
NVD
added 2017/08/09 9:29 p.m.12 views

CVE-2017-0728

A denial of service vulnerability in the Android media framework hevc decoder. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37469795...

7.8CVSS7.1AI score0.00336EPSS
Exploits0References2
CVE
CVE
added 2017/08/09 9:0 p.m.54 views

CVE-2017-0728

CVE-2017-0728 is a denial-of-service vulnerability in the Android media framework, specifically the HEVC decoder. Affected products/versions: Android 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. The issue is classified as DoS in the Media framework with absence of explicit exploit details in the ...

7.8CVSS7AI score0.00336EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/03/14 1:30 p.m.9 views

SUSE-SU-2016:0756-1 Security update for kernel live patch 7

This kernel live patch for Linux Kernel 3.12.44-52.18.1 fixes two security issues: Fixes: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962078. - CVE-2013-7446: Use-after-free vulnerability in net/unix/afunix.c...

7.8CVSS6.2AI score0.03646EPSS
Exploits15References5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.49 views

Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)

Update to latest upstream stable release, Linux v4.3.4. Elan touchpad fixes. ---- Update to 4.3.y stable series. Fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...

10CVSS6.8AI score0.09235EPSS
Exploits18References21
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.45 views

Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)

Backported i915, networking, and nouveau fixes tagged for stable from 4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and backports of all the i915 patches queued for stable from 4.4. ---- A number of fixes across the tree Note that Tenable Network Security has extracted the precedin...

7.8CVSS6.9AI score0.03646EPSS
Exploits18References7
myhack58
myhack58
added 2016/02/20 12:0 a.m.29 views

The use of the Linux kernel in Use-After-Free(UAF)vulnerability to mention the right-vulnerability warning-the black bar safety net

Last month broke the CVE-2 0 1 6-0 7 2 8 (local mention the right loopholes so everyone's attention once again focused on the linux kernel security. And CVE-2 0 1 5-3 6 3 6, The CVE-2 0 1 5-7 3 1 2, The CVE-2 0 1 4-2 8 5 1, CVE-2 0 1 6-0 7 2 8 is a Use-After-Free(UAF types of vulnerabilities. We...

0.2AI score0.03646EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2016/02/17 12:0 a.m.60 views

Oracle Linux 7 : kernel (ELSA-2016-0185)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0185 advisory. - security keys: Fix keyring ref leak in joinsessionkeyring David Howells 1298931 1298036 CVE-2016-0728 - security keys: Don't permit requestkey to...

7.8CVSS7.1AI score0.03646EPSS
Exploits14References3
OSV
OSV
added 2016/02/08 3:59 a.m.11 views

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS7.5AI score0.03646EPSS
Exploits14References42
Cvelist
Cvelist
added 2016/02/08 2:0 a.m.32 views

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.7AI score0.03646EPSS
Exploits14References42
CVE
CVE
added 2016/02/08 2:0 a.m.422 views

CVE-2016-0728

The CVE-2016-0728 issue affects the Linux kernel up to version 4.4.1, specifically in the keyring handling path join_session_keyring() within security/keys/process_keys.c. A flaw in object reference management in an error path can allow a local, unprivileged user to escalate privileges or cause a...

7.8CVSS6.5AI score0.03646EPSS
In wildExploits14References42Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/08 12:0 a.m.44 views

openSUSE Security Update : the Linux Kernel (openSUSE-2016-136)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962075. - CVE-2015-7550: A local user could have...

10CVSS7.8AI score0.05059EPSS
Exploits18References57
Rows per page
Query Builder