Lucene search
K

219 matches found

RedHat Linux
RedHat Linux
added 2019/12/10 12:6 p.m.5 views

kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service

The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dmgetfromkobject which can be caused by local users leveraging a race condition with dmdestroy during creation and removal of DM devices. Only privileged local users with CAPSYSADMIN capability can...

4.7CVSS6.6AI score0.00328EPSS
Exploits0References4
OSV
OSV
added 2019/03/14 8:29 p.m.4 views

CVE-2018-12189

Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access...

4.4CVSS5.8AI score0.00295EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.5 views

kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...

5.5CVSS7.1AI score0.00403EPSS
Exploits0References4
NVD
NVD
added 2018/10/26 12:29 a.m.20 views

CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

7.8CVSS7.4AI score0.00311EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/10/26 12:0 a.m.20 views

CVE-2018-18653

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with...

7.3AI score0.00311EPSS
Exploits1References3
OSV
OSV
added 2018/10/10 6:29 p.m.4 views

CVE-2018-12172

Improper password hashing in firmware in Intel Server Board S7200AP,S7200APR and Intel Compute Module HNS7200AP, HNS7200AP may allow a privileged user to potentially disclose firmware passwords via local access...

5.5CVSS5.7AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2018/09/12 7:29 p.m.2 views

CVE-2018-3686

Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access...

6.7CVSS6AI score0.00446EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/05/22 1:41 a.m.6 views

QEMU: cirrus: OOB access when updating VGA display

Quick Emulator aka QEMU, when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds access and QEMU process crash by leveraging incorrect region calculation when updating VGA display...

5.5CVSS7.2AI score0.00637EPSS
Exploits0References4
Prion
Prion
added 2018/05/11 7:29 p.m.14 views

Race condition

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility DCCU, which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted...

1.9CVSS6.7AI score0.00208EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/05/11 7:0 p.m.25 views

CVE-2009-5152

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility DCCU, which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted...

4.1AI score0.00208EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/04/10 3:23 p.m.5 views

kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service

The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dmgetfromkobject which can be caused by local users leveraging a race condition with dmdestroy during creation and removal of DM devices. Only privileged local users with CAPSYSADMIN capability can...

4.7CVSS6.6AI score0.00328EPSS
Exploits0References4
OSV
OSV
added 2018/03/12 12:0 a.m.2 views

UBUNTU-CVE-2018-7858

Quick Emulator aka QEMU, when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds access and QEMU process crash by leveraging incorrect region calculation when updating VGA display...

5.5CVSS6.8AI score0.00637EPSS
Exploits0References4
OSV
OSV
added 2018/01/18 2:29 a.m.2 views

CVE-2018-2575

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with network access via multiple protocols to compromise...

2CVSS7.3AI score0.00891EPSS
Exploits0References3
OSV
OSV
added 2017/06/08 4:29 p.m.1 views

DEBIAN-CVE-2017-9310

QEMU aka Quick Emulator, when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service infinite loop via vectors related to setting the initial receive / transmit descriptor head TDH/RDH outside the allocated descriptor buffer...

5.6CVSS6.3AI score0.00345EPSS
Exploits0References1
OSV
OSV
added 2017/04/20 12:0 a.m.7 views

UBUNTU-CVE-2017-7718

hw/display/cirrusvgarop.h in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors related to copying VGA data via the cirrusbitbltropfwdtransp and cirrusbitbltropfwd functions...

5.5CVSS6.7AI score0.00499EPSS
Exploits0References3
OSV
OSV
added 2017/03/15 3:59 p.m.1 views

DEBIAN-CVE-2017-5525

Memory leak in hw/audio/ac97.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

6.5CVSS8.3AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2017/03/15 3:59 p.m.3 views

DEBIAN-CVE-2017-5579

Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

6.5CVSS8.3AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/02/27 4:48 p.m.35 views

CVE-2017-5669

The doshmat function in ipc/shm.c in the Linux kernel, through 4.9.12, does not restrict the address calculated by a certain rounding operation. This allows privileged local users to map page zero and, consequently, bypass a protection mechanism that exists for the mmap system call. This is...

7.8CVSS5.2AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2015/12/16 12:0 a.m.3 views

UBUNTU-CVE-2015-7549

The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...

6CVSS6.8AI score0.00377EPSS
Exploits0References4
Rows per page
Query Builder