Lucene search
K

4967 matches found

RedHat Linux
RedHat Linux
added 2017/09/06 8:36 p.m.4 views

kernel: ext4 filesystem page fault race condition with fallocate call.

A flaw was found in the Linux kernel when attempting to "punch a hole" in files existing on an ext4 filesystem. When punching holes into a file races with the page fault of the same area, it is possible that freed blocks remain referenced from page cache pages mapped to process' address space...

5.1CVSS7.1AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 2017/08/11 7:29 p.m.3 views

CVE-2017-11271

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format EMF data related to transfer of pixel blocks...

8.8CVSS6AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/08/01 9:17 p.m.5 views

Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS7.4AI score0.00386EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 4:4 p.m.5 views

Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS7.4AI score0.00386EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.2 views

kernel: ext4 filesystem page fault race condition with fallocate call.

A flaw was found in the Linux kernel when attempting to "punch a hole" in files existing on an ext4 filesystem. When punching holes into a file races with the page fault of the same area, it is possible that freed blocks remain referenced from page cache pages mapped to process' address space...

5.1CVSS7.1AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 2017/06/08 8:29 p.m.4 views

CVE-2016-6594

Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning...

7.5CVSS5.8AI score0.01188EPSS
Exploits0References2
HackRead
HackRead
added 2017/06/01 6:18 p.m.21 views

Google: Its Tech Now Blocks 99.9% of Gmail Phishing and Spam Emails

By Jahanzaib Hassan After the effects of the phishing campaign that used Google Docs as a tool to attack, Google has launched a number of upgrades to Gmail and its browser so that users can be notified and warned of suspicious emails and websites that may contain malware. The new machine-learning...

6.9AI score
Exploits0
Veeam
Veeam
added 2017/05/23 12:0 a.m.160 views

One or more bad blocks were detected and skipped

Challenge Veeam Agent for Microsoft Windows VAW displays the following warning during the backup: One or more bad blocks were detected and skipped. Copy Cause There are two scenarios under which this warning may occur: 1. The disk of the machine being backed up has bad clusters, as recorded by th...

6.9AI score
Exploits0Affected Software1
NVD
NVD
added 2017/04/26 2:59 p.m.16 views

CVE-2017-8284

The disasinsn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated...

7CVSS6.8AI score0.00434EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/04/06 12:0 a.m.4 views

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the sdhcisdmatransfermultiblocks function in the hw/sd/sdhci.c file of the QEMU hardware/software emulator is related to improper management of system resources. Exploiting this vulnerability can allow an attacker, operating locally, to trigger a service failure infinite loop...

2.1CVSS6.7AI score0.00419EPSS
Exploits0References6
OSV
OSV
added 2017/04/04 4:59 p.m.8 views

CVE-2017-5670

Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...

4.6CVSS5.8AI score0.0042EPSS
Exploits1References4
NVD
NVD
added 2017/04/04 4:59 p.m.22 views

CVE-2017-5670

Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...

4.6CVSS4.5AI score0.0042EPSS
Exploits1References4
Cvelist
Cvelist
added 2017/04/04 4:0 p.m.28 views

CVE-2017-5670

Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...

4.6AI score0.0042EPSS
Exploits1References4
CNVD
CNVD
added 2017/03/28 12:0 a.m.3 views

Subrion CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-04653)

Subrion CMS is a PHP-based content management system CMS developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions plug-ins and more. A cross-site request forgery vulnerability exists in admin/blocks/add/URI in Subrion CMS version 4.0.5. An...

8.8CVSS8.6AI score0.00613EPSS
Exploits0References1
Prion
Prion
added 2017/03/27 2:59 a.m.17 views

Cross site request forgery (csrf)

Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter...

6.8CVSS8.4AI score0.00613EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2017/03/23 3:45 a.m.4 views

openjpeg: heap overflow in parsing of JPEG2000 code blocks

An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium. A specially crafted JPEG2000 image could cause an incorrect calculation when allocating memory for code blocks, which could lead to a crash, or potentially, code execution...

8.8CVSS7.5AI score0.01963EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/03/20 1:22 a.m.4 views

openjpeg: heap overflow in parsing of JPEG2000 code blocks

An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium. A specially crafted JPEG2000 image could cause an incorrect calculation when allocating memory for code blocks, which could lead to a crash, or potentially, code execution...

8.8CVSS7.5AI score0.01963EPSS
Exploits0References5
NVD
NVD
added 2017/03/16 2:59 p.m.13 views

CVE-2017-6379

Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID...

7.5CVSS7.3AI score0.0078EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/03/16 2:59 p.m.20 views

CVE-2017-6379

Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID...

7.5CVSS7.1AI score0.0078EPSS
Exploits0References2
Prion
Prion
added 2017/03/16 2:59 p.m.17 views

Cross site request forgery (csrf)

Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID...

5.1CVSS7.3AI score0.0078EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder