Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-2618

Malware in sbrugna...

3.6CVSS6.4AI score0.00335EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:23 a.m.5 views

SUSE CVE-2015-0290

The multi-block feature in the ssl3writebytes function in s3pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service pointer corruption and application crash...

5CVSS6.9AI score0.07295EPSS
Exploits0References4
Xen Project
Xen Project
added 2019/03/05 12:0 p.m.119 views

grant table transfer issues on large hosts

ISSUE DESCRIPTION When the code processing grant table transfer requests finds a page with an address too large to be represented in the interface with the guest, it allocates a replacement page and copies page contents. However, the code doing so fails to set the newly allocated page's accountin...

8.8CVSS0.1AI score0.00353EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2018/07/30 2:19 a.m.28 views

CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usage and system crash. Within Xen...

7.8CVSS6.1AI score0.00409EPSS
Exploits0References2
NVD
NVD
added 2018/07/28 6:29 p.m.15 views

CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usage and system crash. Within Xen...

7.8CVSS7.7AI score0.00409EPSS
Exploits0References7
Cvelist
Cvelist
added 2018/07/28 6:0 p.m.28 views

CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usage and system crash. Within Xen...

8.3AI score0.00409EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2018/07/28 6:0 p.m.25 views

CVE-2018-14678

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usage and system crash. Within Xen...

7.8CVSS6.9AI score0.00409EPSS
Exploits0
Veracode
Veracode
added 2017/02/10 5:6 a.m.21 views

Denial Of Service (DoS) Through Pointer Corruption

OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible because AES NI support on 64-bit x86 platforms doesn't properly handle non-blocking I/O cases. This flaw causes pointer corruption and application crashes...

5CVSS6.8AI score0.07295EPSS
Exploits0References32Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/02/02 12:0 a.m.50 views

Xen SYSCALL singlestep Handling Privilege Escalation (XSA-204)

According to its self-reported version number, the Xen hypervisor installed on the remote host is missing a security update. It is, therefore, affected by a privilege elevation vulnerability in the instruction emulator when handling SYSCALL by single-stepping applications. This is due to incorrec...

7.8CVSS7.4AI score0.00424EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/01/26 3:0 p.m.27 views

CVE-2016-10013

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation...

6.4AI score0.00424EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/01/04 12:0 a.m.27 views

openSUSE: Security Advisory for xen (openSUSE-SU-2017:0008-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7AI score0.00505EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2016/02/03 12:0 a.m.56 views

nettle: improper cryptographic calculations

CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 improper cryptographic calculations It has been discovered that multiple carry propagation bugs are producing wrong results in calculations. They affect the NIST P-256 and P-384 curves. The P-256 bug is in the C code and affects multiple architectures...

7.5CVSS2AI score0.04132EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2016/02/03 12:0 a.m.54 views

lib32-nettle: improper cryptographic calculations

CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 improper cryptographic calculations It has been discovered that multiple carry propagation bugs are producing wrong results in calculations. They affect the NIST P-256 and P-384 curves. The P-256 bug is in the C code and affects multiple architectures...

7.5CVSS1.8AI score0.04132EPSS
Exploits0References5
Xen Project
Xen Project
added 2015/06/11 12:0 p.m.93 views

vulnerability in the iret hypercall handler

ISSUE DESCRIPTION A buggy loop in Xen's compatiret function iterates the wrong way around a 32-bit index. Any 32-bit PV guest kernel can trigger this vulnerability by attempting a hypercalliret with EFLAGS.VM set. Given the use of get/putuser, and that the virtual addresses in question are...

4.9CVSS6.6AI score0.00437EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2015/03/19 10:59 p.m.24 views

CVE-2015-0290

The multi-block feature in the ssl3writebytes function in s3pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service pointer corruption and application crash...

5CVSS6.9AI score0.07295EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2005/10/25 6:2 p.m.27 views

CVE-2005-2708

The searchbinaryhandler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service panic, as demonstrated by running a process using the bash ulimi...

2.1CVSS6AI score0.00518EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.33 views

CVE-2005-2708

The searchbinaryhandler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service panic, as demonstrated by running a process using the bash ulimi...

6.2AI score0.00518EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2005/08/17 4:0 a.m.20 views

CVE-2005-2617

The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...

3.6CVSS5.9AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/08/17 4:0 a.m.22 views

CVE-2005-2617

The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...

6.1AI score0.00335EPSS
Exploits0References2
NVD
NVD
added 2005/08/17 4:0 a.m.13 views

CVE-2005-2617

The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...

3.6CVSS6.1AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder