Lucene search
+L

80 matches found

OSV
OSV
added 2019/01/11 9:29 p.m.3 views

DEBIAN-CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

7.8CVSS8.3AI score0.02958EPSS
Exploits2References1
OSV
OSV
added 2019/01/11 8:29 p.m.2 views

DEBIAN-CVE-2018-16864

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges...

7.8CVSS8.1AI score0.00717EPSS
Exploits2References1
OSV
OSV
added 2019/01/11 12:0 a.m.4 views

UBUNTU-CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

7.8CVSS7AI score0.02958EPSS
Exploits2References3
OSV
OSV
added 2019/01/11 12:0 a.m.3 views

UBUNTU-CVE-2018-16864

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges...

7.8CVSS6.7AI score0.00717EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/12/31 12:0 a.m.53 views

openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

8.8CVSS7.1AI score0.08101EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2018/12/13 12:0 a.m.38 views

Xen Project XSA-240 Mitigation Shadow Paging Conflict Vulnerability (XSA-280)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability allowing a guest system to potentially elevate privileges, access protected information, and perform a DoS against the host. A number of caveats exist to determine if a...

8.8CVSS7AI score0.00438EPSS
Exploits0References3
Xen Project
Xen Project
added 2018/11/20 12:0 p.m.258 views

Fix for XSA-240 conflicts with shadow paging

ISSUE DESCRIPTION The fix for XSA-240 introduced a new field into the control structure associated with each page of RAM. This field was added to a union, another member of which is used when Xen uses shadow paging for the guest. During migration, or with the L1TF XSA-273 mitigation for PV guests...

8.8CVSS0.5AI score0.00438EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2018/08/20 7:0 p.m.33 views

CVE-2018-1000655

Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsiValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appear to be exploitable via a crafted javascript code. This vulnerability appears to have been fixed in...

6.5AI score0.00891EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/17 12:0 a.m.5 views

Intelbras Win 240 Cross-Site Scripting Vulnerability

The Intelbras Win 240 is a wireless router from Intelbras Brazil. A cross-site scripting vulnerability exists in Intelbras Win 240 version 1.1.0. A remote attacker can exploit the vulnerability to change the Admin password...

10CVSS9AI score0.01878EPSS
Exploits0References1
OSV
OSV
added 2018/08/15 5:29 p.m.3 views

CVE-2018-10369

A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...

9.8CVSS5.8AI score0.01878EPSS
Exploits0References1
NVD
NVD
added 2018/08/15 5:29 p.m.17 views

CVE-2018-10369

A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...

10CVSS8.3AI score0.01878EPSS
Exploits0References1
Prion
Prion
added 2018/08/15 5:29 p.m.16 views

Cross site scripting

A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...

10CVSS8.1AI score0.01878EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/08/15 5:0 p.m.47 views

CVE-2018-10369

CVE-2018-10369 affects Intelbras Win 240 router (V1.1.0). The vulnerability is a Cross‑Site Scripting (XSS) flaw in the device’s web interface that allows an attacker to change the Admin password without authentication. Multiple sources (NVD, CNVD, PRION, CVE list) corroborate the XSS impact on I...

10CVSS8.1AI score0.01878EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/08/15 5:0 p.m.19 views

CVE-2018-10369

A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...

8.3AI score0.01878EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.44 views

Fedora 27 : xen (2017-5945560816)

another patch related to the XSA-240, CVE-2017-15595 issue x86 PV guests may gain access to internally used page XSA-248 broken x86 shadow mode refcount overflow check XSA-249 improper x86 shadow mode refcount error handling XSA-250 improper bug check in x86 log-dirty handling XSA-251 Note that...

8.8CVSS6.5AI score0.01547EPSS
Exploits1References6
HackRead
HackRead
added 2018/01/04 7:33 p.m.23 views

Private Details of 240,000 DHS Employees Accessed after Data Breach

By Uzair Amir A data breach targeted towards the Department of Homeland Security This is a post from HackRead.com Read the original post: Private Details of 240,000 DHS Employees Accessed after Data Breach...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/03 12:0 a.m.48 views

Fedora 26 : xen (2017-16a414b3c5)

another patch related to the XSA-240, CVE-2017-15595 issue xen: various flaws 1525018 x86 PV guests may gain access to internally used page XSA-248 broken x86 shadow mode refcount overflow check XSA-249 improper x86 shadow mode refcount error handling XSA-250 improper bug check in x86 log-dirty...

8.8CVSS6.6AI score0.01547EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.40 views

Fedora 26 : xen (2017-5bcddc1984)

xen: various flaws 1501391 multiple MSI mapping issues on x86 XSA-237 DMOP map/unmap missing argument checks XSA-238 hypervisor stack leak in x86 I/O intercept code XSA-239 Unlimited recursion in linear pagetable de-typing XSA-240 Stale TLB entry due to page type release race XSA-241 page type...

8.8CVSS6.7AI score0.02959EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2017/10/19 12:0 a.m.38 views

Xen Hypervisor Pagetable De-typing Recursion Handling Guest-to-Host DoS (XSA-240)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a stack overflow vulnerability that is triggered when recursion is not properly handled when de-typing linear pagetables. By stacking multiple layers of page tables, an attacker within a...

8.8CVSS6.7AI score0.01547EPSS
Exploits1References11
Prion
Prion
added 2017/09/07 10:29 p.m.25 views

Command injection

XSS persistent on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted ESSID, as demonstrated b...

4.3CVSS5.9AI score0.01438EPSS
Exploits5References2
Rows per page
Query Builder