Lucene search
K

295 matches found

Ubuntu
Ubuntu
added 2020/09/17 10:8 p.m.74 views

USN-4519-1: PulseAudio vulnerability

Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.1CVSS6.7AI score0.00294EPSS
Exploits0
OSV
OSV
added 2020/09/17 10:8 p.m.7 views

USN-4519-1 pulseaudio vulnerability

Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.1CVSS6.6AI score0.00294EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/09/17 12:0 a.m.28 views

CVE-2020-15710

Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in...

6.1CVSS6.3AI score0.00294EPSS
Exploits0References2
OSV
OSV
added 2020/09/17 12:0 a.m.2 views

UBUNTU-CVE-2020-15710

Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in...

6.1CVSS6.3AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.22 views

openSUSE Security Update : mumble (openSUSE-2020-1016)

This update for mumble fixes the following issues : mumble was updated 1.3.2 : - client: Fixed overlay not starting Update to upstream version 1.3.1 - Security - Fixed: Potential exploit in the OCB2 encryption 4227 boo1174041 - ICE - Fixed: Added missing UserKDFIterations field to UserInfo =...

5.7AI score
Exploits0References1
CNVD
CNVD
added 2020/05/18 12:0 a.m.3 views

Pulseaudio Access Control Bypass Vulnerability

PulseAudio is an open source audio system for POSIX OS. The system is primarily used for audio transmission, among other things. A security vulnerability exists in PulseAudio. An attacker could exploit this vulnerability to bypass access control and record audio...

3.3CVSS6.8AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2020/05/15 4:15 a.m.7 views

CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

3.3CVSS5.8AI score0.0033EPSS
Exploits0References2
NVD
NVD
added 2020/05/15 4:15 a.m.16 views

CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

3.3CVSS3.9AI score0.0033EPSS
Exploits0References2
Prion
Prion
added 2020/05/15 4:15 a.m.16 views

Design/Logic Flaw

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

2.1CVSS4.1AI score0.0033EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2020/05/15 3:25 a.m.158 views

CVE-2020-11931

CVE-2020-11931 describes an Ubuntu-specific modification to PulseAudio that mediates snap access but allows bypassing the intended access restriction for Snap-enabled audio interfaces by unloading the PulseAudio snap policy module. Affected are PulseAudio versions listed in the entry (prior to sp...

3.3CVSS3.8AI score0.0033EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/05/15 3:25 a.m.24 views

CVE-2020-11931 Ubuntu modifications to pulseaudio to provide snap security enforcement could be unloaded

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

3.3CVSS3.8AI score0.0033EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/05/13 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-4355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.1AI score0.0033EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/05/13 12:0 a.m.58 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PulseAudio vulnerability (USN-4355-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4355-1 advisory. PulseAudio in Ubuntu contains additional functionality to mediate audio recording for snap packages and it was discovered that this...

3.3CVSS5.1AI score0.0033EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/05/12 7:25 p.m.54 views

USN-4355-1: PulseAudio vulnerability

PulseAudio in Ubuntu contains additional functionality to mediate audio recording for snap packages and it was discovered that this functionality did not mediate PulseAudio module unloading. An attacker-controlled snap with only the audio-playback interface connected could exploit this to bypass...

3.3CVSS4.9AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2020/05/12 7:25 p.m.5 views

USN-4355-1 pulseaudio vulnerability

PulseAudio in Ubuntu contains additional functionality to mediate audio recording for snap packages and it was discovered that this functionality did not mediate PulseAudio module unloading. An attacker-controlled snap with only the audio-playback interface connected could exploit this to bypass...

3.3CVSS5.8AI score0.0033EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/04/16 12:0 a.m.19 views

CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

3.3CVSS5.9AI score0.0033EPSS
Exploits0References3
OSV
OSV
added 2020/04/16 12:0 a.m.1 views

UBUNTU-CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...

3.3CVSS5.8AI score0.0033EPSS
Exploits0References4
OSV
OSV
added 2020/01/22 1:15 p.m.3 views

CVE-2018-16263

The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...

8.8CVSS5.8AI score0.00781EPSS
Exploits0References3
NVD
NVD
added 2020/01/22 1:15 p.m.17 views

CVE-2018-16263

The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...

8.8CVSS8.7AI score0.00781EPSS
Exploits0References3
Prion
Prion
added 2020/01/22 1:15 p.m.22 views

Design/Logic Flaw

The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2...

5.8CVSS8.6AI score0.00781EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder