Lucene search
+L

197 matches found

Ubuntu
Ubuntu
added 2022/01/05 5:3 p.m.131 views

USN-5207-1: Linux kernel (OEM) vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that the eBPF implementation in the Linux...

9.8CVSS7.3AI score0.5758EPSS
Exploits3
Amazon
Amazon
added 2021/12/10 12:0 a.m.50 views

Medium: kernel

Issue Overview: A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory...

7CVSS6.3AI score0.0124EPSS
Exploits2
Mageia
Mageia
added 2021/12/05 7:6 p.m.63 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without...

4.7CVSS0.8AI score0.00515EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/12/04 12:0 a.m.31 views

Fedora: Security Advisory for kernel (FEDORA-2021-19ad835cb3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.6AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/05 8:51 p.m.78 views

Security Bulletin: Apache Xerces2 Vulnerabilities Affect IBM Sterling B2B Integrator (CVE-2012-0881, CVE-2013-4002)

Summary IBM Sterling B2B Integrator has addressed the vulnerabilities. Vulnerability Details CVEID: CVE-2012-0881 DESCRIPTION: Apache Xerces2 Java is vulnerable to a denial of service, caused by a flaw in the XML service. By sending a specially crafted message to an XML service, a remote attacker...

7.8CVSS1.7AI score0.24738EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2013:1255-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits23References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2013:1263-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits23References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2013:1263-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits23References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2013:1305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits23References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2013:1257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits32References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2013:1255-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits23References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2013:1256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.98704EPSS
Exploits31References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2016:2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.06336EPSS
Exploits0References45
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2016:1703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.06336EPSS
Exploits2References37
Circl
Circl
added 2020/11/24 6:46 p.m.10 views

CVE-2020-4002

creationtimestamp| type| source ---|---|--- 2020-11-24 18:46:47+00:00| seen| https://t.me/cibsecurity/16775...

7.2CVSS7.6AI score0.0155EPSS
Exploits0References1
CVE
CVE
added 2020/11/24 3:29 p.m.56 views

CVE-2020-4002

The CVE-2020-4002 entry affects VMware SD-WAN Orchestrator, with versions 3.3.2 before 3.3.2 P3, 3.4.x before 3.4.4, and 4.0.x before 4.0.1, where system parameters are handled insecurely. The root cause is insecure handling of system parameters that may allow an authenticated, high-privilege SD-...

7.2CVSS7.8AI score0.0155EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/24 3:29 p.m.26 views

CVE-2020-4002

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system...

7.2AI score0.0155EPSS
Exploits0References1
VMware
VMware
added 2020/11/18 12:0 a.m.60 views

VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)

3a. SQL injection vulnerability due to improper input validation CVE-2020-3984 The SD-WAN Orchestrator does not apply correct input validation which allows for SQL-injection. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of...

7.5CVSS7.5AI score0.43017EPSS
Exploits0References13Affected Software1
CVE
CVE
added 2019/10/31 8:37 p.m.97 views

CVE-2018-4002

The CVE-2018-4002 issue affects CUJO Smart Firewall (firmware 7003) mdnscap, where mdnscap’s mDNS label parsing mishandles compression pointers, creating an uncontrolled recursion that exhausts the call stack and crashes the mdnscap process. An unauthenticated remote attacker can send specially c...

7.8CVSS7.5AI score0.01569EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/06/04 12:0 a.m.19 views

Ubuntu 16.04 LTS : Doxygen vulnerability (USN-4002-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4002-1 advisory. It was discovered that Doxygen incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code and compromise sensitive...

6.1CVSS7.2AI score0.01823EPSS
Exploits0References2
Rows per page
Query Builder