Lucene search
K

1155 matches found

OSV
OSV
added 2019/11/25 5:15 p.m.3 views

CVE-2019-4406

IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. IBM X-Force ID: 162477...

4.4CVSS5.7AI score0.003EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2019/11/21 12:0 a.m.58 views

USN-4185-1: Linux kernel vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck...

8.8CVSS8.2AI score0.03133EPSS
Exploits0
NVD
NVD
added 2019/11/14 5:15 p.m.8 views

CVE-2019-16110

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...

8.1CVSS8.4AI score0.01691EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.11 views

Code injection

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...

6.8CVSS8.4AI score0.01691EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/14 4:56 p.m.17 views

CVE-2019-16110

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...

8.4AI score0.01691EPSS
Exploits0References1
CVE
CVE
added 2019/11/14 4:56 p.m.44 views

CVE-2019-16110

Blade Shadow up to version 2.13.3 is vulnerable to remote code execution via the network protocol: an attacker who knows the victim’s IP can inject data into the unencrypted UDP stream, potentially taking control of a Shadow instance. Root cause: unprotected UDP packet handling allows arbitrary c...

8.1CVSS8.4AI score0.01691EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2019/11/14 3:7 p.m.22 views

CVE-2019-18680

A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module that is loaded through an autoload via a local process running listen, or manual loading, could possibly cause a kernel panic. Mitigation While this is a network protocol being...

7.8CVSS0.6AI score0.03638EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/11/14 12:0 a.m.87 views

Ubuntu 18.04 LTS : Linux kernel vulnerability and regression (USN-4184-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4184-2 advisory. USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was...

7.8CVSS7AI score0.00668EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2019/11/13 1:58 a.m.122 views

USN-4185-2: Linux kernel (Azure) vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/13 1:38 a.m.146 views

USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi,...

8.8CVSS7.7AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/13 1:6 a.m.104 views

USN-4186-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

9.8CVSS7.8AI score0.72105EPSS
Exploits27References1
OSV
OSV
added 2019/11/13 1:2 a.m.6 views

USN-4185-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

8.8CVSS7.2AI score0.03133EPSS
Exploits0References12
Ubuntu
Ubuntu
added 2019/11/13 12:45 a.m.110 views

USN-4184-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

8.8CVSS7.8AI score0.03133EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2019/11/13 12:0 a.m.66 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4184-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4184-1 advisory. Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp,...

8.8CVSS7.4AI score0.03133EPSS
Exploits2References15
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.5 views

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component’s Security: Encryption module is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network protocol...

5.3CVSS6.5AI score0.02211EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.7 views

The vulnerability of the Connector/ODBC sub-component of the MySQL Connectors component of the database management system MySQL allows a attacker to cause a service failure.

The vulnerability of the Connector/ODBC sub-component of the MySQL Connectors database management system is related to incorrect authentication. Exploiting this vulnerability allows a malicious actor to cause service failures using the MySQL network protocol...

5.3CVSS6.4AI score0.0225EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.4 views

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the MySQL Server component’s Security: Encryption module is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL network protocol...

6.8CVSS6.3AI score0.01885EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.4 views

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component in the “Security: Encryption” section is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network protocol...

4.3CVSS6.3AI score0.01716EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.5 views

Vulnerability of the MySQL Server component: This component of the database management system allows a hacker to cause system downtime or service failures.

The vulnerability of the MySQL Server component of the database management system involves deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause downtime or service failures using the MySQL network protocol...

6.8CVSS6.3AI score0.02693EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.3 views

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component’s Security: Encryption module is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network protocol...

5.3CVSS6.5AI score0.02211EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder