1926 matches found

CNVD
added 2017/05/08 12:0 a.m. · 2 views

rpcbind, LIBTIRPC and NTIRPC Denial of Service Vulnerabilities

rpcbind, LIBTIRPC, and NTIRPC are all applications used in Linux. rpcbind is a server that translates RPC program numbers into generic addresses; LIBTIRPC is a package that contains libraries to support programs that use the Remote Procedure Call (RPC) API; and NTIRPC is a stand-alone RPC library f...

CVSS 7.8 · AI score 6.7 · EPSS 0.81921
Exploits 4 · References 1
OSV
added 2017/05/04 2:29 p.m. · 2 views

DEBIAN-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a...

CVSS 7.5 · AI score 7.2 · EPSS 0.81921
Exploits 4 · References 1
OSV
added 2017/05/04 12:0 a.m. · 3 views

UBUNTU-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a...

CVSS 7.5 · AI score 7.2 · EPSS 0.81921
Exploits 4 · References 11
Tenable Nessus
added 2017/05/01 12:0 a.m. · 219 views

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1057)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer...

CVSS 7.8 · AI score 6.7 · EPSS 0.0596
Exploits 15 · References 6
CNVD
added 2017/04/20 12:0 a.m. · 1 views

Cisco Unified Communications Manager UDP Handling Denial of Service Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. Cisco Unified Communications Manager has a security vulnerability in the Session Initiation Protocol (SIP) UDP throttling process, which could be exploited by a remote attacker to submit a special reque...

CVSS 7.8 · AI score 7 · EPSS 0.02479
Exploits 0 · References 1
RedHat Linux
added 2017/04/12 10:51 a.m. · 6 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

CVSS 7.8 · AI score 7.1 · EPSS 0.0596
Exploits 13 · References 5
RedHat Linux
added 2017/04/12 10:51 a.m. · 89 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.8 · AI score 6.9 · EPSS 0.0596
Exploits 21 · References 7
OSV
added 2017/04/04 5:59 a.m. · 1 views

DEBIAN-CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag...

CVSS 9.8 · AI score 8.4 · EPSS 0.12791
Exploits 1 · References 1
OSV
added 2017/04/04 5:59 a.m. · 3 views

ALPINE-CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag...

CVSS 9.8 · AI score 7.8 · EPSS 0.12791
Exploits 1 · References 1
BDU FSTEC
added 2017/03/31 12:0 a.m. · 6 views

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to bypass the access control list configuration.

The vulnerabilities of the Border Gateway Protocol (BGP) and Bidirectional Forwarding Detection (BFD) components of the Cisco Adaptive Security Appliance software-related networking devices are related to deficiencies in access control for certain functions. Exploiting these vulnerabilities can allow...

CVSS 5 · AI score 6 · EPSS 0.0143
Exploits 0 · References 3
Tenable Nessus
added 2017/03/27 12:0 a.m. · 48 views

Virtuozzo 7 : readykernel-patch (VZA-2017-017)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities: - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementati...

CVSS 7.8 · AI score 6.8 · EPSS 0.0596
Exploits 13 · References 6
OSV
added 2017/03/17 10:59 p.m. · 3 views

CVE-2017-3867

A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information:...

CVSS 5.3 · AI score 5.8
Exploits 0 · References 3
Positive Technologies
added 2017/03/17 12:0 a.m. · 7 views

PT-2017-4330 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.3. Description: The issue is related to the NFSv4 server in the Linux kernel, which does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packe...

CVSS 9.8 · AI score 7.2 · EPSS 0.9166
Exploits 39 · References 247
Virtuozzo
added 2017/03/16 12:0 a.m. · 40 views

Important kernel security update: Virtuozzo ReadyKernel patch 14.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-6074. A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB...

CVSS 7.8 · AI score 6.8 · EPSS 0.0596
Exploits 13 · References 5
RedHat Linux
added 2017/03/14 2:50 p.m. · 2 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

CVSS 7.8 · AI score 7.1 · EPSS 0.0596
Exploits 13 · References 5
OpenVAS
added 2017/03/07 12:0 a.m. · 49 views

CentOS Update for kernel CESA-2017:0386_01 centos7

Check the version of kernel. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) script_oid("1.3.6.1.4.1.25623.1.0.882674");...

CVSS 7.8 · AI score 6.5 · EPSS 0.0596
Exploits 13 · References 2
Tenable Nessus
added 2017/03/07 12:0 a.m. · 71 views

Amazon Linux AMI : kernel (ALAS-2017-805)

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

CVSS 9.8 · AI score 6.9 · EPSS 0.0596
Exploits 13 · References 8
OpenVAS
added 2017/03/03 12:0 a.m. · 38 views

RedHat Update for kernel RHSA-2017:0293-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description)...

CVSS 7.8 · AI score 7.3 · EPSS 0.0596
Exploits 13 · References 2
OpenVAS
added 2017/03/03 12:0 a.m. · 48 views

RedHat Update for kernel RHSA-2017:0294-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description)...

CVSS 7.8 · AI score 7.3 · EPSS 0.0596
Exploits 13 · References 2
RedHat Linux
added 2017/03/02 4:54 p.m. · 112 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.8 · AI score 6.7 · EPSS 0.0596
Exploits 13 · References 3