Lucene search
K

206 matches found

OSV
OSV
added 2019/08/25 5:15 p.m.4 views

CVE-2019-15540

filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user...

7.8CVSS7.3AI score0.00598EPSS
Exploits1References6
CNVD
CNVD
added 2019/03/12 12:0 a.m.5 views

IBM DB2 Buffer Overflow Vulnerability (CNVD-2019-07256)

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A buffer overflow vulnerability exists in IBM DB2 including: DB2 Connect Server based on Linux, UNIX a...

8.4CVSS7.8AI score0.00531EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/09 12:0 a.m.3 views

Multiple Cisco Products IOS XE Software Elevation of Privilege Vulnerability

Cisco 4000 Series Integrated Services Routers and others are different models of router products from Cisco USA. in which IOS XE Software is used. an operating system developed by Cisco for its network devices. An elevation of privilege vulnerability exists in the shell access request mechanism o...

7.2CVSS7AI score0.00396EPSS
Exploits0References1
OSV
OSV
added 2018/07/12 6:29 p.m.6 views

CVE-2018-5529

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information,...

7.8CVSS5.8AI score0.00484EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2018/07/04 12:0 a.m.83 views

ADB Local Root Jailbreak

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local root jailbreak via network file sharing flaw product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202...

7.7AI score0.01583EPSS
Exploits5
OSV
OSV
added 2018/06/08 5:29 p.m.4 views

DEBIAN-CVE-2014-5220

The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root...

7.8CVSS7.4AI score0.00505EPSS
Exploits0References1
OSV
OSV
added 2017/11/30 3:59 p.m.10 views

SUSE-SU-2017:3165-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an...

7.8CVSS7.7AI score0.10695EPSS
Exploits9References28
OSV
OSV
added 2017/10/24 1:27 p.m.8 views

USN-3462-1 pacemaker vulnerabilities

Jan Pokorný and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. CVE-2016-7035 Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker...

8.8CVSS7.4AI score0.0325EPSS
Exploits0References3
CNVD
CNVD
added 2017/04/12 12:0 a.m.6 views

Ubuntu Linux kernel package integer overflow vulnerability

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, of which the Linux kernel package is a component. An integer overflow vulnerability exists in version 3.16.0-28 of the Linux kernel package on the Ubuntu 14.04 LTS release. Due to the program...

6.8AI score
Exploits1References1
OSV
OSV
added 2017/03/30 4:52 a.m.5 views

SUSE-SU-2017:0874-1 Security update for Linux Kernel Live Patch 4 for SLE 12 SP1

This update for the Linux Kernel 3.12.57-6035 fixes one issue. The following security bugs were fixed: - CVE-2017-7184: The XFRM processsing in the Linux kernel 16.10 allowed local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access via an integer overflow...

7.8CVSS7AI score0.01798EPSS
Exploits4References3
OSV
OSV
added 2016/11/28 3:59 a.m.4 views

CVE-2016-9644

The getuserasmex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this...

7.8CVSS6.7AI score0.01454EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2016/11/27 12:0 a.m.37 views

CVE-2016-9644

The getuserasmex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this...

9.3CVSS7.1AI score0.01454EPSS
Exploits0References7
OSV
OSV
added 2016/09/26 2:59 p.m.6 views

CVE-2016-6276

Citrix Linux Virtual Delivery Agent aka VDA, formerly Linux Virtual Desktop before 1.4.0 allows local users to gain root privileges via unspecified vectors...

7.8CVSS5.8AI score0.00349EPSS
Exploits0References2
OSV
OSV
added 2016/09/25 10:59 a.m.2 views

CVE-2016-4710

WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709...

7.8CVSS7.3AI score
Exploits0References5
CNVD
CNVD
added 2016/09/21 12:0 a.m.4 views

EMC Avamar Data Store and Avamar Virtual Edition Command Injection Vulnerability

EMC Avamar is a backup and recovery solution from EMC Corporation. The solution provides data backup, disaster recovery, deduplication, etc. Avamar Data Store ADS is one of the components used for data backup; Avamar Virtual Edition AVE is one of the components used to realize the replication...

7.8CVSS7.4AI score0.00414EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/22 12:0 a.m.3 views

Red Hat Enterprise Linux setroubleshoot allow_execstack plugin shell command injection vulnerability

Red Hat Enterprise Linux RHEL is a Linux operating system maintained and distributed by Red Hat for business users. setroubleshoot is one of the troubleshooting tools. A shell command injection vulnerability exists in the allowexecstack plugin in RHEL's setroubleshoot. A local attacker could...

7CVSS7.5AI score0.00475EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2015/12/01 12:0 a.m.48 views

CentOS 7.1 / Fedora 22 abrt Local Root

!/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions too abrt-hook-ccpp insecure open usage + abrt-action-install-debuginfo insecure temp directory usage rebel 09/2015 ---------------------------------------- user@localhost $ id...

6.9CVSS6.4AI score0.03268EPSS
Exploits18
CNVD
CNVD
added 2015/11/10 12:0 a.m.6 views

Cisco Mobility Services Engine Elevation of Privilege Vulnerability

Cisco Mobility Services Engine MSE is a platform Mobility Services Engine that provides Wi-Fi services from Cisco. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. A security vulnerability exists in Cisco MSE 8.0.120.7 and prior versions...

6.9CVSS6.9AI score0.0039EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2015/11/08 10:59 p.m.3 views

CVE-2015-5043

diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 allows local users to obtain root access via unspecified key sequences...

7.2CVSS5.5AI score0.00336EPSS
Exploits0References2
exploitpack
exploitpack
added 2015/05/23 12:0 a.m.51 views

Apport (Ubuntu 14.0414.1015.04) - Race Condition Privilege Escalation

Apport Ubuntu 14.0414.1015.04 - Race Condition Privilege Escalation / Exploit Title: apport/ubuntu local root race condition Date: 2015-05-11 Exploit Author: rebel Version: ubuntu 14.04, 14.10, 15.04 Tested on: ubuntu 14.04, 14.10, 15.04 CVE : CVE-2015-1325 ==============================...

6.9CVSS0.8AI score0.00943EPSS
Exploits3
Rows per page
Query Builder