Lucene search
K

221 matches found

Ubuntu
Ubuntu
added 2023/07/13 2:16 p.m.71 views

USN-6228-1: Linux kernel vulnerabilities

It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service system crash. CVE-2023-212...

7.8CVSS6.7AI score0.00495EPSS
Exploits1
OSV
OSV
added 2023/07/12 6:30 p.m.16 views

GHSA-J54R-W587-95Q7 Jenkins Oracle Cloud Infrastructure Compute Plugin missing SSH host key validation

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not perform SSH host key validation when connecting to OCI clouds. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to OCI clouds. Oracle Cloud Infrastructure Compute...

4.8CVSS3.9AI score0.00424EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/07/12 6:30 p.m.28 views

Jenkins Oracle Cloud Infrastructure Compute Plugin missing SSH host key validation

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not perform SSH host key validation when connecting to OCI clouds. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to OCI clouds. Oracle Cloud Infrastructure Compute...

3.7CVSS6.4AI score0.00424EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/07/12 4:15 p.m.2 views

CVE-2023-37948

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks...

3.7CVSS5.8AI score0.00424EPSS
Exploits0References2
Prion
Prion
added 2023/07/12 4:15 p.m.22 views

Code injection

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks...

2.6CVSS4AI score0.00424EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2023/07/12 2:16 p.m.50 views

USN-6220-1: Linux kernel vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that for some...

7.8CVSS7.2AI score0.00532EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.3 views

Jenkins Plugin Oracle Cloud Infrastructure Compute 输入验证错误漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin Oracle Clo...

3.7CVSS5.1AI score0.00424EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.6 views

PT-2023-26195 · Oracle +1 · Jenkins Oracle Cloud Infrastructure Compute Classic Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Oracle Cloud Infrastructure Compute Plugin versions 1.0.16 and earlier Description: The issue concerns the lack of SSH host key validation when connecting to OCI clouds, which could enable man-in-the-middle attacks. This allows for th...

4.8CVSS3.7AI score0.00424EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2023/05/17 5:52 p.m.66 views

USN-6084-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/26 1:39 p.m.164 views

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/04/19 2:6 p.m.94 views

USN-6029-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the infrared...

7.8CVSS7.1AI score0.0046EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 12:58 p.m.74 views

USN-6027-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Jiasheng Jiang discovered that the HSA...

7.8CVSS7.1AI score0.0046EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 1:17 a.m.77 views

USN-6024-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

7.8CVSS7.2AI score0.00964EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/03/29 4:44 p.m.85 views

USN-5984-1: Linux kernel vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

7.9CVSS7.5AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/03/28 7:49 p.m.217 views

USN-5982-1: Linux kernel vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

8.8CVSS7.7AI score0.71737EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/03/03 2:58 p.m.76 views

USN-5917-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.1CVSS7.7AI score0.03702EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/01/10 9:58 p.m.84 views

USN-5793-3: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01364EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/12/01 7:46 p.m.72 views

USN-5757-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

7.8CVSS6.8AI score0.02211EPSS
Exploits3
Qualys Blog
Qualys Blog
added 2022/11/30 8:11 p.m.19 views

Qualys Broadens Security Offerings for Oracle Cloud Infrastructure

As organizations increase their use of public cloud platforms, they encounter cloud-specific security and compliance threats, which can be challenging to address without the right tools and processes. Organizations’ cloud security difficulties lie in two main areas: Lack of visibility into their...

Exploits0
Imperva Blog
Imperva Blog
added 2022/10/25 12:50 p.m.25 views

How Imperva Mitigates Security Threats in Oracle Cloud Infrastructures

Most organizations today rely on an unprecedented number of computing resources to build, deploy and scale the workflows and applications they need to succeed. They are responsible for more data than ever before, on-premises and in the cloud, which presents them with challenges they’ve never face...

0.3AI score
Exploits0
Rows per page
Query Builder