Lucene search
K

408 matches found

CVE
CVE
added 2023/12/19 12:0 a.m.52 views

CVE-2023-47267

The CVE-2023-47267 issue affects TheGreenBow Windows VPN clients: Enterprise Certified VPN Client 6.52, Standard VPN Client 6.87, and Enterprise VPN Client 6.87. Root cause is privilege escalation via crafted changes to memory-mapped files. Impact is elevated privileges, with network-vector-like ...

9.8CVSS9.4AI score0.0075EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 12:0 a.m.14 views

CVE-2023-47267

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file...

9.7AI score0.0075EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.5 views

TheGreenBow Windows Certified VPN Client Security Vulnerability

TheGreenBow Windows Certified VPN Client is a client VPN from TheGreenBow. TheGreenBow Windows Certified VPN Client suffers from a security vulnerability that stems from an attacker's ability to cause elevation of privilege via a carefully crafted memory-mapped file...

9.8CVSS7AI score0.0075EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.6 views

PT-2023-30401

Name of the Vulnerable Software and Affected Versions TheGreenBow Windows Enterprise Certified VPN Client version 6.52 TheGreenBow Windows Standard VPN Client version 6.87 TheGreenBow Windows Enterprise VPN Client version 6.87 Description An issue discovered in TheGreenBow VPN clients allows...

9.8CVSS7AI score0.0075EPSS
Exploits0References7
NVD
NVD
added 2023/11/14 7:15 p.m.26 views

CVE-2021-46758

Insufficient validation of SPI flash addresses in the ASP AMD Secure Processor bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and integrity...

6.1CVSS0.00325EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.6 views

kernel: wifi: mt76: connac: do not check WED status for non-mmio devices

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: do not check WED status for non-mmio devices WED is supported just for mmio devices, so do not check it for usb or sdio devices. This patch fixes the crash reported below: 21.946627 wlp0s3u1i3: authenticate wi...

5.5CVSS6.5AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.7 views

kernel: Linux kernel KVM: Memory leak via coalesced MMIO unregistration failure

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. This vulnerability occurs when the unregistration of a coalesced Memory-Mapped I/O MMIO device fails, leading to a memory leak. A local attacker could exploit this flaw to consume system memory, potentially causing...

5.8AI score0.00161EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2023/11/02 8:59 a.m.122 views

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

As many as 34 unique vulnerable Windows Driver Model WDM and Windows Driver Frameworks WDF drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege...

7.8CVSS8AI score0.0046EPSS
Exploits1
OSV
OSV
added 2023/10/27 3:15 a.m.3 views

AZL-31815 CVE-2023-46813 affecting package kernel for versions less than 5.15.137.1-1

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...

7CVSS6.8AI score0.00693EPSS
Exploits0References1
OSV
OSV
added 2023/08/22 7:15 p.m.1 views

UBUNTU-CVE-2020-18770

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service...

5.5CVSS6.6AI score0.00317EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.5 views

kernel: i2c: piix4: Fix a memory leak in the EFCH MMIO support

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak in that code path. The leak is caused by the fact that releaseresource merely removes the resource...

5.5CVSS6.4AI score0.00258EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2023/03/06 7:0 a.m.170 views

Intel CPU vulnerabilities fixed. But should you update?

Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs. The normal gut reaction would be to install out of band updates as soon as possible. Microsoft wouldnt be releasing the updates ahead of the regular cycle without good reason, would it? Well, mayb...

2.1CVSS0.6AI score0.06451EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/03/06 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.06346EPSS
Exploits3References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-1528

Linux kernel before 2.6.13 allows local users to cause a denial of service crash via a dio transfer from the sg driver to memory mapped mmap IO space...

4.9CVSS6.3AI score0.00441EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.4 views

SUSE CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

4.6CVSS6.8AI score0.02141EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.2 views

SUSE CVE-2010-0419

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...

4.4CVSS7AI score0.0035EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.3 views

SUSE CVE-2012-3432

The handlemmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service guest OS crash via unspecified...

1.9CVSS6.2AI score0.00642EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.3 views

SUSE CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

5.7CVSS6.3AI score0.00621EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.3 views

SUSE CVE-2013-4355

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a 1 port or 2 memory mapped I/O write or 3 other unspecified operations related to addresses without associated memory...

1.5CVSS6.5AI score0.0031EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.4 views

SUSE CVE-2014-7842

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to...

4.9CVSS6.5AI score0.00374EPSS
Exploits0References9
Rows per page
Query Builder