Lucene search

4827 matches found

Prion
added 2018/12/17 3:29 p.m. | 13 views

Input validation

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks...

7.2 CVSS | 7.3 AI score | 0.00466 EPSS
Exploits 0 | References 1 | Affected Software 1

CVE
added 2018/12/17 3:0 p.m. | 115 views

CVE-2018-19295

CVE-2018-19295 affects Sylabs Singularity 2.4–2.6. The issue is tied to improper handling of mount namespaces, enabling local users to escalate privileges due to how mount points were joined or propagated. Public records in OSV/USN/SUSE advisories indicate a fix in Singularity 2.6.1 (openSUSE/SUS...

7.8 CVSS | 7.2 AI score | 0.00466 EPSS
Exploits 0 | References 1 | Affected Software 1

CVE
added 2018/12/12 4:0 p.m. | 52 views

CVE-2018-11465

Siemens SINUMERIK controllers (808D, 828D, 840D sl) running affected V4.x are vulnerable to CVE-2018-11465 via ioctl abuse that can cause out-of-bounds reads, arbitrary writes, or kernel-mode code execution. Affected: 808D v4.7/v4.8 (all before certain SPs), 828D v4.7 (all before v4.7 SP6 HF1), 8...

7.8 CVSS | 7.3 AI score | 0.00429 EPSS
Exploits 0 | References 2 | Affected Software 1

CNVD
added 2018/12/07 12:0 a.m. | 3 views

Google Android Memory Corruption Vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. A memory corruption vulnerability due to type confusion exists in sk_clone_lock in sock.c in Google Android. A local attacker can exploit this vulnerability to achieve...

7.8 CVSS | 6.4 AI score | 0.00715 EPSS
Exploits 0 | References 1

OSV
added 2018/12/05 10:29 p.m. | 1 views

UBUNTU-CVE-2018-19608

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-ECDHE cipher suites...

4.7 CVSS | 6.1 AI score | 0.00336 EPSS
Exploits 0 | References 5

FreeBSD
added 2018/11/28 12:0 a.m. | 25 views

Mbed TLS -- Local timing attack on RSA decryption

Janos Follath reports: An attacker who can run code on the same machine that is performing an RSA decryption can potentially recover the plaintext through a Bleichenbacher-like oracle...

4.7 CVSS | 3.9 AI score | 0.00336 EPSS
Exploits 0 | References 1

OSV
added 2018/11/22 3:20 p.m. | 6 views

SUSE-SU-2018:3865-1 Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3)

This update for the Linux Kernel 4.4.92-630 fixes several issues. The following security issues were fixed: - CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service conditio...

7.8 CVSS | 5.8 AI score | 0.24575 EPSS
Exploits 0 | References 5

CNVD
added 2018/11/22 12:0 a.m. | 1 views

Apple macOS Security Denial of Service Vulnerability

Apple macOS Sierra is a suite of specialized operating systems for Mac computers developed by Apple Inc. macOS High Sierra is the next generation of macOS. Security is one of the security components. A security vulnerability exists in the Security component of Apple macOS Sierra version 10.12.6 a...

5.5 CVSS | 6.5 AI score | 0.00349 EPSS
Exploits 0 | References 1

CVE
added 2018/11/16 4:0 p.m. | 73 views

CVE-2018-1797

CVE-2018-1797 is a directory traversal vulnerability (Zip-Slip) in IBM WebSphere Application Server when using Enterprise Bundle Archives (EBA). An authenticated attacker could cause a victim to extract a crafted ZIP containing "../" sequences, enabling writing to arbitrary files on the host. Af...

6.3 CVSS | 5.6 AI score | 0.01951 EPSS
Exploits 0 | References 4 | Affected Software 1

Vulnerability Lab
added 2018/11/14 12:0 a.m. | 53 views

Intel Distribution Python (IDP) 2018 - Privilege Escalation

Document Title: =============== Intel Distribution Python IDP 2018 - Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2166 ID: INTEL-SA-00181 https://nvd.nist.gov/vuln/detail/CVE-2018-12175 https://vuldb.com/fr/?id.123941...

7.8 CVSS | 0.8 AI score | 0.00277 EPSS
Exploits 2

Tenable Nessus
added 2018/10/31 12:0 a.m. | 28 views

GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201810-08 PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. In addition it was discovered that Gentoo's PostgreSQL installati...

9.1 CVSS | 6.8 AI score | 0.05154 EPSS
Exploits 0 | References 4

CNVD
added 2018/10/26 12:0 a.m. | 2 views

xorg-x11-server elevation of privilege vulnerability

The xorg-x11-server is an X Window System display server bundled with multiple vendor operating systems. A security vulnerability exists in xorg-x11-server versions prior to 1.20.3. A local attacker can exploit this vulnerability to elevate privileges and run arbitrary code with root privileges...

7.2 CVSS | 7.2 AI score | 0.2704 EPSS
Exploits 39 | References 1

Vulnerability Lab
added 2018/10/24 12:0 a.m. | 52 views

Intel Quartus Family - Privilege Escalation Vulnerability

Document Title: =============== Intel Quartus Family - Privilege Escalation Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2159 Watch Video: https://www.youtube.com/watch?v=zX1Fmz0sAHk Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2160...

7.8 CVSS | 7.6 AI score | 0.00353 EPSS
Exploits 4

Vulnerability Lab
added 2018/10/24 12:0 a.m. | 58 views

Intel Quartus Family - Privilege Escalation Vulnerability

Document Title: =============== Intel Quartus Family - Privilege Escalation Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2160 Video: https://www.vulnerability-lab.com/getcontent.php?id=2159 Intel ID: INTEL-SA-00151 Ref:...

7.8 CVSS | 7.6 AI score | 0.00353 EPSS
Exploits 4

Vulnerability Lab
added 2018/10/15 12:0 a.m. | 1088 views

EasyBoot v6.6.0.800 - (Function Key) Buffer Overflow

Document Title: =============== EasyBoot v6.6.0.800 - Function Key Buffer Overflow References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2155 Release Date: ============= 2018-10-15 Vulnerability Laboratory ID VL-ID: ==================================== 2155...

0.6 AI score
Exploits 0

Tenable Nessus
added 2018/10/11 12:0 a.m. | 97 views

Amazon Linux 2 : kernel (ALAS-2018-1086)

A security flaw was found in the chap_server_compute_md5 function in the iSCSI target code in the Linux kernel in the way an authentication request from an iSCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

8.3 CVSS | 7.1 AI score | 0.08743 EPSS
Exploits 4 | References 4

Vulnerability Lab
added 2018/10/11 12:0 a.m. | 58 views

EasyBoot v6.6.0.800 - (Title CD) Unicode Buffer Overflow

Document Title: =============== EasyBoot v6.6.0.800 - Title CD Unicode Buffer Overflow References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2147 Release Date: ============= 2018-10-11 Vulnerability Laboratory ID VL-ID: ==================================== 21...

7.4 AI score
Exploits 0

OSV
added 2018/10/01 8:29 a.m. | 7 views

CVE-2015-9267

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program...

5.5 CVSS | 7.4 AI score
Exploits 0 | References 7

OSV
added 2018/10/01 8:29 a.m. | 3 views

DEBIAN-CVE-2015-9267

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program...

5.5 CVSS | 6.5 AI score | 0.00386 EPSS
Exploits 1 | References 1

Cvelist
added 2018/10/01 8:0 a.m. | 23 views

CVE-2015-9267

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program...

6.1 AI score | 0.00386 EPSS
Exploits 1 | References 3