CVE-2018-16892

CVE-2018-16892 entry is rejected/not used and does not represent an active vulnerability.

CVE-2018-16892

...

CVE-2020-16892

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a...

CVE-2020-16892

CVE-2020-16892 is a Windows kernel image elevation-of-privilege vulnerability. It arises from how the Windows kernel handles objects in memory, enabling a locally authenticated attacker to execute code with elevated permissions. The described exploitation path requires a locally run crafted appli...

Microsoft Windows Multiple Vulnerabilities (KB4580327)

This host is missing a critical security update according to Microsoft KB4580327 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB4577668: Windows 10 Version 1809 and Windows Server 2019 October 2020 Security Update

The remote Windows host is missing security update 4577668. It is, therefore, affected by multiple vulnerabilities : - A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and...

KB4580358: Windows 8.1 and Windows Server 2012 R2 October 2020 Security Update

The remote Windows host is missing security update 4580358 or cumulative update 4580347. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability...

Moderate: Red Hat Security Advisory: CloudForms 5.0.1 security, bug fix and enhancement update

An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Fedora 31 : rubygem-rubyzip (2019-8ecd991303)

Fix CVE-2019-16892 denial of service via crafted ZIP file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 29 : rubygem-rubyzip (2019-52445dce42)

Fix CVE-2019-16892 denial of service via crafted ZIP file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 30 : rubygem-rubyzip (2019-0182d0b304)

Fix CVE-2019-16892 denial of service via crafted ZIP file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

CVE-2019-16892

CVE-2019-16892 in Rubyzip: A crafted ZIP can bypass ZIP-entry size checks because the uncompressed size data can be spoofed, enabling a denial of service via disk consumption. Affected: rubyzip before 1.3.0. Root cause: manipulated size metadata in ZIP entries. Impact: local DoS through excessive...

CVE-2019-16892

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption...

CVE-2017-16892

The CVE-2017-16892 entry applies to Bftpd before 4.7, where the file-rename function contains a memory-leak bug. Multiple sources corroborate a memory-leak risk that can lead to denial of service; CVSS data shows a high impact for the 3.0 vector (HIGH availability impact) and medium base score (5...