Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20833

Malware in sbrugna...

8.1CVSS6.5AI score0.06563EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.17 views

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creati...

8.3CVSS7.6AI score0.78684EPSS
Exploits37References37
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-28374

In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a...

8.1CVSS7.2AI score0.06563EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.296 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2022-0040)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocatetracebuffer in the file...

8.1CVSS7.3AI score0.09729EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2021/06/15 12:0 a.m.110 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9306)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9306 advisory. - sctp: delay autoasconf init until binding the first addr Xin Long Orabug: 32907967 CVE-2021-23133 CVE-2021-23133 - dm ioctl: fix out of bounds...

8.1CVSS6.8AI score0.06563EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2021:0835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.06563EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.37 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0744-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping XSA-365 bsc1181843. CVE-2021-26931: Fixed an issue where Linux kernel was treating gra...

8.1CVSS6.8AI score0.06563EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.55 views

Debian DLA-2586-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-19318, CVE-2019-19813, CVE-2019-19816 'Team bobfuzzer' reported bugs in Btrfs that could lead to a use-after-free or heap buffer overflow, and...

9.3CVSS7.4AI score0.06563EPSS
Exploits11References23
Debian
Debian
added 2021/03/09 6:8 p.m.297 views

[SECURITY] [DLA 2586-1] linux security update

Debian LTS Advisory DLA-2586-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 08, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.258-1 CVE ID : CVE-2019-19318 CVE-2019-19813 CVE-2019-19816 CVE-2020-27815 CVE-2020-27825 CVE-2020-28374...

9.3CVSS7.4AI score0.06563EPSS
Exploits11
OSV
OSV
added 2021/03/09 3:15 p.m.6 views

SUSE-SU-2021:0743-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping XSA-365 bsc1181843. - CVE-2021-26931: Fixed an issue where Linux kernel was treating...

8.1CVSS7.2AI score0.06563EPSS
Exploits0References11
OSV
OSV
added 2021/02/25 7:1 a.m.3 views

USN-4753-1 linux-oem-5.10 vulnerabilities

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.55 views

Debian DLA-2557-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial o...

8.8CVSS7.4AI score0.06563EPSS
Exploits5References14
OSV
OSV
added 2021/02/10 1:17 a.m.4 views

USN-4713-2 linux, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-raspi2-5.3 vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/10 12:0 a.m.57 views

Ubuntu 18.04 LTS : Linux kernel vulnerability (USN-4713-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4713-2 advisory. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker wi...

8.1CVSS6.7AI score0.06563EPSS
Exploits0References2
OSV
OSV
added 2021/02/05 1:4 a.m.7 views

USN-4711-1 linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0References3
OSV
OSV
added 2021/02/02 6:17 a.m.5 views

USN-4713-1 linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.273 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9024)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9024 advisory. 4.14.35-2025.404.1.2.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280 Tenable has extracted the preceding descripti...

8.8CVSS6.8AI score0.06563EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2021/01/20 8:0 a.m.5 views

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7 insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request aka CID-2896c93811e3. For example an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.

...

8.1CVSS7AI score0.06563EPSS
Exploits0
ArchLinux
ArchLinux
added 2021/01/20 12:0 a.m.105 views

[ASA-202101-32] linux-hardened: directory traversal

Arch Linux Security Advisory ASA-202101-32 ========================================== Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2020-28374 Package : linux-hardened Type : directory traversal Remote : No Link : https://security.archlinux.org/AVG-1443 Summary ======= The package linux-hardene...

8.1CVSS2.2AI score0.06563EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2021/01/14 11:48 p.m.147 views

USN-4694-1: Linux kernel vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0
Rows per page
Query Builder