Lucene search
K

203 matches found

Cvelist
Cvelist
added 2020/09/09 6:25 a.m.36 views

CVE-2020-3679

u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

6.8AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/08/17 12:0 a.m.3 views

PT-2020-20042 · Nextcloud +1 · Nextcloud Desktop Client +1

Name of the Vulnerable Software and Affected Versions: NextCloud Desktop Client version 2.6.4 Description: A memory corruption issue exists due to missing Address Space Layout Randomization ASLR and Data Execution Prevention DEP protections in the Windows version of the software, allowing memory...

7.8CVSS5.7AI score0.01401EPSS
Exploits3References14
Veracode
Veracode
added 2020/04/10 12:56 a.m.31 views

Protection Mechanism Bypass

The kernel is vulnerable to Protection Mechanism Bypass. The startcode and endcode values in "/proc/pid/stat" were not protected. In certain scenarios, this flaw could be used to defeat Address Space Layout Randomization ASLR...

2.1CVSS2.3AI score0.00342EPSS
Exploits2References12Affected Software2
OSV
OSV
added 2020/04/08 6:15 p.m.5 views

CVE-2018-21076

An issue was discovered on Samsung mobile devices with N7.x Exynos8890/8895 chipsets software. There is information disclosure a KASLR offset in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 April 2018...

5.5CVSS5.8AI score0.00134EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/03 12:40 a.m.9 views

Denial Of Service (DoS)

Kernel is vulnerable to denial of service DoS because kernel space address bits to derive IP ID may potentially break KASLR...

7.5CVSS6.4AI score0.03252EPSS
Exploits0References28Affected Software2
RedHat Linux
RedHat Linux
added 2020/03/31 9:3 p.m.4 views

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

7.5CVSS7.2AI score0.03252EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/11/20 5:37 p.m.48 views

CVE-2019-19126

A vulnerability was discovered in glibc where the LDPREFERMAP32BITEXEC environment variable is not ignored when running binaries with the setuid flag on x8664 architectures. This allows an attacker to force system to utilize only half of the memory making the system think the software is 32-bit...

3.3CVSS2AI score0.00409EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/11/19 3:5 p.m.20 views

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

9.3CVSS7.9AI score0.02548EPSS
Exploits2
Cvelist
Cvelist
added 2019/11/19 3:5 p.m.27 views

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

7.8AI score0.02548EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2019/06/07 12:0 a.m.68 views

Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-4008-3)

USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space...

9.3CVSS6.9AI score0.05789EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2019/06/06 12:0 a.m.54 views

Ubuntu: Security Advisory (USN-4008-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.05789EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2019/06/05 12:0 a.m.39 views

Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerability (USN-4006-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4006-2 advisory. USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel...

2.5CVSS6.6AI score0.00495EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/06/05 12:0 a.m.41 views

Ubuntu: Security Advisory (USN-4007-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.5CVSS5.9AI score0.00495EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2019/06/04 10:44 p.m.98 views

USN-4006-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/12/11 12:0 a.m.104 views

KB4471324: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 Security Update

The remote Windows host is missing security update 4471324. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could...

10CVSS8.2AI score0.22349EPSS
Exploits0References15
The Hacker News
The Hacker News
added 2018/07/27 8:31 a.m.784 views

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed "NetSpectre," the new remote side-channel attack, which is related to Spectre...

5.6CVSS2.5AI score0.93838EPSS
Exploits9
Microsoft CVE
Microsoft CVE
added 2018/04/10 7:0 a.m.29 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a...

5.5CVSS5.2AI score0.03692EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2018/04/10 7:0 a.m.30 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a...

5.5CVSS5.3AI score0.03043EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/04/10 12:0 a.m.144 views

KB4093115: Windows 8.1 and Windows Server 2012 R2 April 2018 Security Update

The remote Windows host is missing security update 4093115 or cumulative update 4093114. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. CVE-2018-1009 - ...

9.3CVSS8.2AI score0.40069EPSS
Exploits9References37
OpenVAS
OpenVAS
added 2018/03/14 12:0 a.m.78 views

Microsoft Windows Multiple Vulnerabilities (KB4088787)

This host is missing a critical security update according to Microsoft KB4088787 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.82334EPSS
Exploits46References45
Rows per page
Query Builder