Lucene search
K

2521 matches found

OpenVAS
OpenVAS
added 2022/02/09 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2022-0045)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.02598EPSS
Exploits3References4
OSV
OSV
added 2022/02/02 9:29 p.m.5 views

MGASA-2022-0045 Updated connman packages fix security vulnerability

TCP Receive Path does not Check for Presence of Sufficient Header Data. CVE-2022-23096 Possibly invalid memory reference in 'strnlen' call in 'forwarddnsreply'. CVE-2022-23097 TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. CVE-2022-23098...

9.1CVSS8.3AI score0.02598EPSS
Exploits3References3
Talos
Talos
added 2022/01/26 12:0 a.m.58 views

Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability

Summary A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of HTTP requests can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested...

7.8CVSS7.6AI score0.01339EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.5 views

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot which may be the case when using GSO XDP or software hashing. (CVE-2021-28714)

...

6.5CVSS6.6AI score0.00332EPSS
Exploits0
OSV
OSV
added 2022/01/18 10:15 p.m.3 views

DEBIAN-CVE-2022-21689

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which can be triggered b...

7.5CVSS6.9AI score0.01374EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/01/18 10:15 p.m.14 views

CVE-2022-21689

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which can be triggered b...

7.5CVSS7AI score0.01374EPSS
Exploits0References4
PyPA
PyPA
added 2022/01/18 10:15 p.m.8 views

PYSEC-2022-40

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which can be triggered b...

7.5CVSS6.9AI score0.01374EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/01/18 10:15 p.m.14 views

Default credentials

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which can be triggered b...

5CVSS7.4AI score0.01374EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/01/18 10:15 p.m.4 views

UBUNTU-CVE-2022-21689

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which can be triggered b...

7.5CVSS7AI score0.01374EPSS
Exploits0References5
Snyk
Snyk
added 2021/12/13 1:50 p.m.6 views

Arbitrary Code Execution

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it...

9.8CVSS7.2AI score0.01327EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.3 views

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. Huawei HarmonyOS is vulnerable to input validation errors. The vulnerability stems from unchecked clientrecvwritepage. An attacker could exploit this vulnerability to cause the kernel to crash...

7.8CVSS5.7AI score0.00667EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/11/23 12:0 a.m.4 views

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. The vulnerability stems from clientrecvdelete not being checked. An attacker can exploit the vulnerabili...

7.8CVSS5.8AI score0.00667EPSS
Exploits0References3
OSV
OSV
added 2021/11/17 5:15 p.m.3 views

DEBIAN-CVE-2021-43976

In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...

4.6CVSS6.1AI score0.00643EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/11/15 10:58 a.m.3 views

kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type

A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system...

9.8CVSS7.3AI score0.5758EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/11/15 10:14 a.m.4 views

kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type

A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system...

9.8CVSS7.3AI score0.5758EPSS
Exploits2References4
Mageia
Mageia
added 2021/11/11 3:2 p.m.65 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.78 and fixes at least the following security issues: A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability CVE-2021-3760. A flaw in the SCTP stack where a blind attacker may be...

9.8CVSS7.6AI score0.5758EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.3 views

kernel: tcp: add sanity tests to TCP_QUEUE_SEQ

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

5.5CVSS6.8AI score0.00393EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.5 views

The vulnerability in the `hw/net/tulip.c` component of the QEMU hardware emulation software involves writing beyond the buffer boundaries. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the hw/net/tulip.c component of the QEMU hardware emulation software involves writing beyond the buffer boundaries during copy operations for TX/RX data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, a...

6.8CVSS7.2AI score0.01921EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2021/10/04 2:15 p.m.4 views

DEBIAN-CVE-2021-41868

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality...

9.8CVSS7.5AI score0.0232EPSS
Exploits1References1
NVD
NVD
added 2021/10/04 2:15 p.m.20 views

CVE-2021-41868

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality...

9.8CVSS0.0232EPSS
Exploits1References2
Rows per page
Query Builder