
3976 matches found

Kitploit
added 2021/09/13 11:30 a.m., 26 views

Gokart - A Static Analysis Tool For Securing Go Code

GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go source code. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe, which reduces the number of false positives compar...

7.7 AI score
Exploits: 0, References: 3

Veracode
added 2021/09/08 9:58 a.m., 20 views

Denial Of Service (DoS)

Xen is vulnerable to denial of service. Upon de-assignment of a physical device from a guest, the identity mappings would be left in place, allowing a guest continued access to ranges of memory which it shouldn't have access to anymore...

6.8 CVSS, 4.2 AI score, 0.00364 EPSS
Exploits: 0, References: 15, Affected Software: 1

Citrix
added 2021/09/01 12:0 a.m., 11 views

Explaining and Troubleshooting WriteCache Disk Drive Letter Assignment

This article explains the process involved in drive letter assignments for target devices and how to troubleshoot writecache drive letter changes. Background: Mount Manager is the component responsible for managing volume names and drive letter assignments on Windows. It has a database that is...

6.8 AI score
Exploits: 0

CVE
added 2021/08/31 4:38 p.m., 74 views

CVE-2021-22684

CVE-2021-22684 affects Samsung Tizen RT RTOS 3.0.GBB. It is caused by integer wrap-around in memory allocation helpers calloc and mm_zalloc, leading to improper memory assignment and potential arbitrary memory allocation or a crash. Connected sources confirm the vulnerability and CVE assignment; ...

7.5 CVSS, 7.5 AI score, 0.01105 EPSS
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2021/08/27 7:15 p.m., 21 views

CVE-2021-28696

IOMMU page mapping issues on x86. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresse...

6.8 CVSS, 0.00364 EPSS
Exploits: 0, References: 9

OSV
added 2021/08/25 8:50 p.m., 12 views

GHSA-566X-HHRF-QF8M ordered_float:NotNan may contain NaN after panic in assignment operators

After using assignment operators such as NotNan::add_assign, NotNan::mul_assign, etc., it was possible for the resulting NotNan value to contain a NaN. This could cause undefined behavior in safe code, because the safe NotNan::cmp method contains internal unsafe code that assumes the value is...

5.5 CVSS, 5.4 AI score, 0.00387 EPSS
Exploits: 1, References: 6

Github Security Blog
added 2021/08/25 8:50 p.m., 24 views

ordered_float:NotNan may contain NaN after panic in assignment operators

After using assignment operators such as NotNan::add_assign, NotNan::mul_assign, etc., it was possible for the resulting NotNan value to contain a NaN. This could cause undefined behavior in safe code, because the safe NotNan::cmp method contains internal unsafe code that assumes the value is...

5.5 CVSS, 5.6 AI score, 0.00387 EPSS
Exploits: 1, References: 6, Affected Software: 1

Ivan 'd0znpp' Novikov
added 2021/08/21 7:47 a.m., 28 views

Mass Assignment❗️ — What you need to know

Introduction. API6:2019 Mass Assignment. What is Mass Assignment? Applications these days often rely on objects, for example user, product, … and these objects have properties, for example product.stock. As a user, we have the authorization to edit and view...

7.2 AI score
Exploits: 0

CNVD
added 2021/08/17 12:0 a.m., 22 views

Dell EMC PowerScale OneFS Privilege Assignment Incorrect Vulnerability

Dell EMC PowerScale OneFS is an API-driven file system. Version 8.2.-9.2. of Dell EMC PowerScale OneFS is vulnerable to incorrect privilege assignment. An attacker could exploit this vulnerability to elevate privileges...

8.8 CVSS, 5.6 AI score, 0.00687 EPSS
Exploits: 0, References: 1

CNVD
added 2021/08/17 12:0 a.m., 17 views

Dell EMC PowerScale OneFS has an unspecified vulnerability (CNVD-2021-73944)

Dell EMC PowerScale OneFS is an API-driven file system. Version 8.2.-9.2. of Dell EMC PowerScale OneFS is vulnerable to incorrect critical resource privilege assignment. An attacker could use this vulnerability to gain unauthorized access to cluster-related information...

7.8 CVSS, 4.8 AI score, 0.00184 EPSS
Exploits: 0, References: 1

NVD
added 2021/08/16 10:15 p.m., 12 views

CVE-2021-36280

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

7.8 CVSS, 0.00184 EPSS
Exploits: 0, References: 1

NVD
added 2021/08/16 10:15 p.m., 17 views

CVE-2021-36281

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges...

8.8 CVSS, 0.00687 EPSS
Exploits: 0, References: 1

NVD
added 2021/08/16 10:15 p.m., 17 views

CVE-2021-36279

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

7.8 CVSS, 0.00195 EPSS
Exploits: 0, References: 1

Prion
added 2021/08/16 10:15 p.m., 23 views

Code injection

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

7.2 CVSS, 7.3 AI score, 0.00195 EPSS
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2021/08/16 10:15 p.m., 13 views

Code injection

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

2.1 CVSS, 5.3 AI score, 0.00184 EPSS
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2021/08/16 10:15 p.m., 24 views

Code injection

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges...

6.5 CVSS, 8.5 AI score, 0.00687 EPSS
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2021/08/16 10:0 p.m., 76 views

CVE-2021-36280

Dell EMC PowerScale OneFS (versions 8.2.x–9.2.x) contains an incorrect permission assignment for a critical resource, potentially allowing a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged cluster information. Public sources describe the affected component as the API-d...

7.8 CVSS, 5.2 AI score, 0.00184 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2021/08/16 10:0 p.m., 18 views

CVE-2021-36280

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

7.8 CVSS, 7.6 AI score, 0.00184 EPSS
Exploits: 0, References: 1

Cvelist
added 2021/08/16 10:0 p.m., 20 views

CVE-2021-36279

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster...

7.8 CVSS, 7.6 AI score, 0.00195 EPSS
Exploits: 0, References: 1

CVE
added 2021/08/16 10:0 p.m., 75 views

CVE-2021-36279

Dell EMC PowerScale OneFS versions 8.2.x–9.2.x are affected by an Incorrect Permission Assignment for a Critical Resource vulnerability. The root cause is misconfigured permissions that can allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged cluster information. Im...

7.8 CVSS, 7.3 AI score, 0.00195 EPSS
Exploits: 0, References: 1, Affected Software: 1