Lucene search
K

1404 matches found

OpenVAS
OpenVAS
added 2023/07/27 12:0 a.m.19 views

Debian: Security Advisory (DSA-5459-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.3AI score0.05794EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2023/07/26 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-6244-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.4AI score0.05794EPSS
Exploits1References2
OSV
OSV
added 2023/07/25 12:0 a.m.38 views

DSA-5459-1 amd64-microcode - security update

Bulletin has no description...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/07/24 12:0 a.m.80 views

CVE-2023-20593

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information...

5.5CVSS6.7AI score0.05794EPSS
Exploits1References27
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.2 views

SUSE CVE-2008-2729

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS6.2AI score0.0057EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.5 views

SUSE CVE-2010-0307

The loadelfbinary function in fs/binfmtelf.c in the Linux kernel before 2.6.32.8 on the x8664 platform does not ensure that the ELF interpreter is available before a call to the SETPERSONALITY macro, which allows local users to cause a denial of service system crash via a 32-bit application that...

4.7CVSS6.4AI score0.00833EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.6 views

SUSE CVE-2017-8932

A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by...

5.9CVSS6.8AI score0.02225EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.7 views

SUSE CVE-2017-1000379

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...

7.8CVSS8.7AI score0.01828EPSS
Exploits5References6
Cvelist
Cvelist
added 2022/12/21 1:21 a.m.34 views

CVE-2022-44643 Access policy with access to all tenants and using label selectors has more access

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

5.7CVSS8.8AI score0.00473EPSS
Exploits0References2
CVE
CVE
added 2022/12/21 1:21 a.m.66 views

CVE-2022-44643

Grafana Enterprise Metrics (GEM) suffers a label-based access control vulnerability where an access policy with label selector restrictions that also grants access to all tenants bypasses those restrictions. Affected are GEM 1.x < 1.7.1 and GEM 2.x

8.8CVSS7.1AI score0.00473EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/12/20 3:15 p.m.29 views

CVE-2022-44643

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

8.8CVSS0.00473EPSS
Exploits0References2
Prion
Prion
added 2022/12/20 3:15 p.m.21 views

Design/Logic Flaw

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not ...

6.5CVSS8.6AI score0.00473EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/11/29 12:0 a.m.42 views

SUSE SLES12: xen / xen-doc-html / xen-libs / xen-libs-32bit / xen-tools / etc (SUSE-SU-2022:4241-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4241-1 advisory. - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing bsc1203806. - CVE-2022-33748: Fixed DoS due to race in locking...

8.8CVSS6.8AI score0.00375EPSS
Exploits0References53
Kitploit
Kitploit
added 2022/10/19 11:30 a.m.44 views

PenguinTrace - Tool To Show How Code Runs At The Hardware Level

penguinTrace is intended to help build an understanding of how programs run at the hardware level. It provides a way to see what instructions compile to, and then step through those instructions and see how they affect machine state as well as how this maps back to variables in the original...

7.8AI score
Exploits0References4
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-313-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.6CVSS6.5AI score0.04274EPSS
Exploits0References2
OSV
OSV
added 2022/07/01 8:11 p.m.36 views

GO-2022-0187 Incorrect computation for P-256 curves in crypto/elliptic

The ScalarMult implementation of curve P-256 for amd64 architectures generates incorrect results for certain specific input points. An adaptive attack can progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to derive correct output. This leads ...

5.9CVSS5.7AI score0.02225EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 4:45 p.m.50 views

golang.org/x/crypto/salsa20/salsa uses insufficiently random values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS6AI score0.03437EPSS
Exploits0References16Affected Software1
OSV
OSV
added 2022/05/24 4:45 p.m.36 views

GHSA-R5C5-PR8J-PFP7 golang.org/x/crypto/salsa20/salsa uses insufficiently random values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS5.7AI score0.03437EPSS
Exploits0References16
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.31 views

Use of Insufficiently Random Values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS2.2AI score0.03437EPSS
Exploits0References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/24 12:0 a.m.45 views

Use of Insufficiently Random Values

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS2.2AI score0.03437EPSS
Exploits0References15Affected Software1
Rows per page
Query Builder