Lucene search
K

355 matches found

OSV
OSV
added 2019/05/14 9:3 p.m.12 views

USN-3983-1 linux vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.4AI score0.01553EPSS
Exploits0References5
OSV
OSV
added 2018/01/09 11:10 p.m.10 views

USN-3522-1 linux, linux-aws, linux-euclid, linux-kvm vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS6.4AI score0.84172EPSS
Exploits3References2
ArchLinux
ArchLinux
added 2017/06/01 12:0 a.m.26 views

[ASA-201706-1] vlc: multiple issues

Arch Linux Security Advisory ASA-201706-1 ========================================= Severity: High Date : 2017-06-01 CVE-ID : CVE-2017-8310 CVE-2017-8311 CVE-2017-8312 Package : vlc Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-283 Summary ======= The package vlc...

7.8CVSS3.4AI score0.08765EPSS
Exploits4References8
Metasploit
Metasploit
added 2014/07/22 2:4 p.m.64 views

MQAC.sys Arbitrary Write Privilege Escalation

A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2CVSS6.9AI score0.23046EPSS
Exploits21
securityvulns
securityvulns
added 2008/12/29 12:0 a.m.63 views

[ MDVSA-2008:246 ] kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:246 http://www.mandriva.com/security/ Package : kernel Date : December 29, 2008 Affected: 2009.0 Problem Description: Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The chipcomma...

7.8CVSS6.2AI score0.02947EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/01/25 12:0 a.m.28 views

Mandrake Linux Security Advisory : squid (MDKSA-2005:014)

'infamous41md' discovered two vulnerabilities in the squid proxy cache server. The first is a buffer overflow in the Gopher response parser which leads to memory corruption and would usually crash squid CVE-2005-0094. The second is an integer overflow in the receiver of WCCP Web Cache Communicati...

5CVSS5.9AI score0.68776EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2005/01/19 12:0 a.m.19 views

Mandrake Linux Security Advisory : mpg123 (MDKSA-2005:009)

A vulnerability in mpg123's ability to parse frame headers in input streams could allow a malicious file to exploit a buffer overflow and execute arbitrary code with the permissions of the user running mpg123. The updated packages have been patched to prevent these problems. %NASLMINLEVEL 70300 C...

7.5CVSS6.2AI score0.03584EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/11/17 12:0 a.m.32 views

Mandrake Linux Security Advisory : apache (MDKSA-2004:134)

A possible buffer overflow exists in the gettag function of modinclude, and if SSI Server Side Includes are enabled, a local attacker may be able to run arbitrary code with the rights of an httpd child process. This could be done with a special HTML document using malformed SSI. The updated...

7.8CVSS6AI score0.0483EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/11/17 12:0 a.m.34 views

Mandrake Linux Security Advisory : apache2 (MDKSA-2004:135)

A vulnerability in apache 2.0.35-2.0.52 was discovered by Chintan Trivedi; he found that by sending a large amount of specially- crafted HTTP GET requests, a remote attacker could cause a Denial of Service on the httpd server. This vulnerability is due to improper enforcement of the field length...

5CVSS5.5AI score0.55105EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.19 views

Mandrake Linux Security Advisory : imlib (MDKSA-2002:029)

Previous versions of imlib, prior to 1.9.13, would fall back to the NetPBM library which is not suitable for loading untrusted images due to various problem in it's code. The new imlib also fixes some problems with arguments passed to malloc. These problems could allow attackers to construct imag...

7.5CVSS6AI score0.02425EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.22 views

Mandrake Linux Security Advisory : lftp (MDKSA-2003:116)

A buffer overflow vulnerability was discovered by Ulf Harnhammar in the lftp FTP client when connecting to a web server using HTTP or HTTPS and using the 'ls' or 'rels' command on specially prepared directory. This vulnerability exists in lftp versions 2.3.0 through 2.6.9 and is corrected upstrea...

7.5CVSS5.8AI score0.13677EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.26 views

Mandrake Linux Security Advisory : squid (MDKSA-2001:066)

The Squid proxy server has a serious security flaw in versions 2.3.STABLE2 through 2.3.STABLE4. This problem surfaces when Squid is used in httpdaccel mode. If you configure httpaccelwithproxy off then any request to Squid is allowed. Malicious users may use your proxy to portscan remote systems,...

7.5CVSS5.5AI score0.01962EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.27 views

Mandrake Linux Security Advisory : xloadimage (MDKSA-2001:073-1)

A buffer overflow exists in xli due to missing boundary checks. This could be triggered by an external attacker to execute commands on the victim's machine. An exploit is publically available. xli is an image viewer that is used by Netscape's plugger to display TIFF, PNG, and Sun-Raster images...

7.5CVSS6.1AI score0.16344EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.23 views

Mandrake Linux Security Advisory : sharutils (MDKSA-2002:052)

The uudecode utility creates output files without checking to see if it is about to write to a symlink or pipe. This could be exploited by a local attacker to overwrite files or lead to privilege escalation if users decode data into share directories, such as /tmp. This update fixes this...

7.2CVSS5.5AI score0.00622EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.12 views

Mandrake Linux Security Advisory : tripwire (MDKSA-2001:064)

Jarno Juuskonen reported that a temporary file vulnerability exists in versions of Tripwire prior to 2.3.1-2. Because Tripwire opens/creates temporary files in /tmp without the OEXCL flag during filesystem scanning and database updating, a malicious user could execute a symlink attack against the...

4.6CVSS5.6AI score0.00367EPSS
Exploits0References1
Rows per page
Query Builder