Lucene search
K

617 matches found

Cvelist
Cvelist
added 2019/12/20 1:33 p.m.22 views

CVE-2012-3409

ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...

7.7AI score0.00409EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2019/12/20 1:33 p.m.25 views

CVE-2012-3409

ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation...

7.8CVSS7.8AI score0.00409EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.19 views

EulerOS 2.0 SP2 : policycoreutils (EulerOS-SA-2019-2400)

According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2019/11/12 8:0 a.m.479 views

October 8, 2019—KB4519990 (Security-only update)

October 8, 2019—KB4519990 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Security updates to Windows Cryptography, Windows Authentication, Windows Kernel, Windows Storage and Filesystems, Microsoft JET Database Engine, Internet...

9.9CVSS7.2AI score0.76451EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2019/11/12 8:0 a.m.934 views

October 8, 2019—KB4520005 (Monthly Rollup)

October 8, 2019—KB4520005 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4516041released September 24, 2019 and addresses the following issues: Addresses an issue with applications and printer drivers that utilize the Window...

9.9CVSS7.2AI score0.76451EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2019/11/12 8:0 a.m.1690 views

September 10, 2019—KB4516033 (Security-only update)

September 10, 2019—KB4516033 Security-only update IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. Improvements and fixes This security update includes quality improvements. Key changes include: Provides...

9.3CVSS7.2AI score0.61314EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2019/11/01 1:3 p.m.5 views

php: File rename across filesystems may allow unwanted access during processing

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to...

7.5CVSS7.2AI score0.07347EPSS
Exploits0References4
Talos
Talos
added 2019/09/24 12:0 a.m.78 views

E2fsprogs quotaio_tree.c report_tree() code execution vulnerability

Summary An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Tested...

7.5CVSS7.5AI score0.01105EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2019/09/10 7:0 a.m.788 views

September 10, 2019—KB4516051 (Security-only update)

September 10, 2019—KB4516051 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling , for 32-B...

9.3CVSS7.3AI score0.61314EPSS
Exploits4
Microsoft KB
Microsoft KB
added 2019/09/10 7:0 a.m.254 views

September 10, 2019—KB4516070 (OS Build 10240.18333)

September 10, 2019—KB4516070 OS Build 10240.18333 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates to improve security when using Internet Explorer, Microsoft Office,...

9.3CVSS7.3AI score0.61314EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.23 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : policycoreutils Vulnerability (NS-SA-2019-0030)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has policycoreutils packages installed that are affected by a vulnerability: - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux conte...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2019/08/06 7:0 a.m.103 views

July 9, 2019—KB4507462 (Monthly Rollup)

July 9, 2019—KB4507462 Monthly Rollup July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use unconstrained...

9.8CVSS7.7AI score0.70966EPSS
Exploits7
Microsoft KB
Microsoft KB
added 2019/08/06 7:0 a.m.362 views

July 9, 2019—KB4507458 (OS Build 10240.18275)

July 9, 2019—KB4507458 OS Build 10240.18275 For more information about the various types of Windows updates, such as critical, security, driver, service packs, etc., please see the following article. July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain...

9.3CVSS7.6AI score0.70966EPSS
Exploits7
Microsoft KB
Microsoft KB
added 2019/08/06 7:0 a.m.141 views

July 9, 2019—KB4507456 (Security-only update)

July 9, 2019—KB4507456 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...

9.3CVSS8.1AI score0.70966EPSS
Exploits9
OSV
OSV
added 2019/06/27 5:15 p.m.9 views

CVE-2018-20073

Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem...

5.5CVSS8.5AI score
Exploits0References3
Microsoft KB
Microsoft KB
added 2019/06/11 7:0 a.m.278 views

June 11, 2019—KB4503293 (OS Build 18362.175)

June 11, 2019—KB4503293 OS Build 18362.175 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Notes: This release also contains updates for Microsoft HoloLens OS Build 18362.1020 released June 11, 2019. Microsoft will release an update...

9.3CVSS7.8AI score0.48043EPSS
Exploits14
Veracode
Veracode
added 2019/05/16 3:18 a.m.28 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service DoS attacks. The vulnerability exists in the function procpidstack of the file fs/proc/base.c when a user able to mount FUSE filesystems creating a process such that when another process attempting to read its command line will be blocked for a long...

5.3CVSS5.9AI score0.07291EPSS
Exploits6References36Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/05/06 12:0 a.m.54 views

EulerOS 2.0 SP2 : php (EulerOS-SA-2019-1332)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented,...

7.5CVSS7AI score0.07347EPSS
Exploits1References3
Veracode
Veracode
added 2019/05/02 6:36 a.m.25 views

Information Disclosure

Linux kernel is vulnerable to information disclosure. This vulnerability exists in the Linux kernel where filesystems mounted with data=ordered mode. An attacker to read stale data from recently allocated blocks in new files after a system 'reset' by abusing ext4 mechanics of delayed allocation...

5.5CVSS5.5AI score0.00421EPSS
Exploits0References49Affected Software2
Microsoft KB
Microsoft KB
added 2019/04/09 7:0 a.m.51 views

April 9, 2019—KB4493450 (Security-only update)

April 9, 2019—KB4493450 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations. Addresses an issue that...

9.3CVSS7.6AI score0.4523EPSS
Exploits42
Rows per page
Query Builder