Lucene search
K

70 matches found

OSV
OSV
added 2022/05/10 6:42 a.m.50 views

RLSA-2022:1975 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 kernel: avoid cyclic entity chains due to malformed U...

7.8CVSS9.2AI score0.74041EPSS
Exploits22References38
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:14811-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.36339EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2021/08/16 7:52 a.m.79 views

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

9.3CVSS2.1AI score0.02524EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/07/12 12:0 a.m.2 views

PT-2021-15277 · Node.Js · Node.Js

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 16.4.1 Node.js versions prior to 14.17.2 Node.js versions prior to 12.22.2 Description: The issue allows for local privilege escalation attacks under certain conditions on Windows platforms due to improper...

7.8CVSS7.3AI score0.07409EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2019/10/10 12:0 a.m.6 views

PT-2019-5870 · Imagemagick +5 · Imagemagick +5

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.9-0 Description: A flaw was found in ImageMagick in MagickCore/statistic.c, related to an integer overflow of the value. An attacker who submits a crafted file that is processed by ImageMagick could trigger...

9.1CVSS6.9AI score0.89855EPSS
Exploits68References349
Positive Technologies
Positive Technologies
added 2019/08/12 12:0 a.m.6 views

PT-2019-13346 · Otrs +2 · Otrs +2

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.8 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Description: An issue...

9.8CVSS7AI score0.99019EPSS
Exploits29References162
Positive Technologies
Positive Technologies
added 2019/06/18 12:0 a.m.10 views

PT-2020-5868 · Go +1 · Crypto/X509 +5

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.12.16 Go versions 1.13.x prior to 1.13.7 crypto/cryptobyte package versions prior to 0.0.0-20200124225646-8b5121be2f68 Description: The issue is related to errors in the certificate authentication procedure in the...

7.8CVSS6.6AI score0.0473EPSS
Exploits0References50
Intel
Intel
added 2018/10/09 12:0 a.m.22 views

Intel® RAID Web Server 3 Service Advisory

Summary: A potential security vulnerability in the Intel® Raid Web Server 3 may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12161 Description: Insufficient session validation in the webserver...

6.5CVSS6.3AI score0.01069EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/01/18 12:0 a.m.167 views

CentOS Update for microcode_ctl CESA-2018:0093 centos7

Check the version of microcodectl SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882828";...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References2
Amazon
Amazon
added 2013/07/12 12:0 a.m.47 views

Medium: krb5

Issue Overview: It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server,...

5CVSS8.2AI score0.06485EPSS
Exploits0References1
Rows per page
Query Builder