Lucene search
K

1038 matches found

Debian CVE
Debian CVE
added 2017/12/12 10:0 p.m.30 views

CVE-2017-17564

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service host OS crash or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode...

7.8CVSS7.8AI score0.00352EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/09/18 11:25 p.m.98 views

USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

8CVSS7.9AI score0.16181EPSS
Exploits17
OSV
OSV
added 2017/09/18 8:29 p.m.14 views

USN-3422-1 linux vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

8CVSS7.8AI score0.16181EPSS
Exploits17References19
OpenVAS
OpenVAS
added 2017/09/11 12:0 a.m.34 views

Debian: Security Advisory (DSA-3969-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.0367EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/09/01 12:0 a.m.45 views

OracleVM 3.2 : xen (OVMSA-2017-0149)

The remote OracleVM system is missing necessary patches to address critical security updates : - From e26560a4b056dad6d85ffd9ebfad9565f210a9cc Mon Sep 17 00:00:00 2001 From: Jan Beulich Date: Wed, 30 May 2012 09:22:17 +0100 Subject: PATCH gnttab: don't use domain lock for serialization Instead us...

8.8CVSS6.9AI score0.00452EPSS
Exploits0References4
Xen Project
Xen Project
added 2017/08/15 12:0 p.m.347 views

multiple problems with transitive grants

ISSUE DESCRIPTION 1 Code to handle copy operations on transitive grants has built in retry logic, involving a function reinvoking itself with unchanged parameters. Such use assumes that the compiler would also translate this to a so called "tail call" when generating machine code. Empirically, th...

8.8CVSS0.5AI score0.00452EPSS
Exploits0Affected Software1
OSV
OSV
added 2017/07/11 8:29 p.m.13 views

CVE-2017-11171

Bad reference counting in the context of accepticeconnection in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data an invalid magic cookie. Each failed authentication...

5.5CVSS6.6AI score
Exploits0References2
CVE
CVE
added 2017/07/11 8:0 p.m.60 views

CVE-2017-11171

The CVE-2017-11171 issue affects gnome-session (older builds up to 2.29.92) with a vulnerability in gsm-xsmp-server.c inside accept_ice_connection(). A local attacker can establish ICE connections using invalid authentication data (invalid magic cookie). Each failed attempt leaks a file descripto...

5.5CVSS5.3AI score0.00322EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/05/17 12:0 a.m.5 views

Linux kernel denial of service vulnerability (CNVD-2017-06929)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'ipxitfioctl' function of the net/ipx/afipx.c file in Linux kernel version 4.11.1 and earlier, which stems from the program...

7.8CVSS8.4AI score0.00395EPSS
Exploits0References1
OSV
OSV
added 2017/05/14 10:29 p.m.1 views

DEBIAN-CVE-2017-7487

The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface...

7.8CVSS6.7AI score0.00395EPSS
Exploits0References1
OSV
OSV
added 2017/05/12 12:0 a.m.3 views

UBUNTU-CVE-2017-8925

The omninetopen function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service tty exhaustion by leveraging reference count mishandling...

5.5CVSS6.7AI score0.00422EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2017/02/24 12:0 a.m.65 views

Debian DSA-3791-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. - CVE-2016-6786 / CVE-2016-6787 It was discovered that the performance events subsystem does not properly manage locks during certain migrations,...

9.8CVSS6.9AI score0.0596EPSS
Exploits13References31
OSV
OSV
added 2017/02/22 7:26 a.m.3 views

USN-3208-1 linux, linux-snapdragon vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...

8.4CVSS6.9AI score0.0596EPSS
Exploits13References8
OpenVAS
OpenVAS
added 2016/06/03 12:0 a.m.30 views

CentOS Update for squid CESA-2016:1138 centos6

Check the version of squid SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882497";...

8.8CVSS6.4AI score0.77559EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/31 5:56 a.m.4 views

squid: SIGSEGV in ESIContext response handling

An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack...

7.5CVSS7.3AI score0.23112EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/05/31 5:42 a.m.4 views

squid: SIGSEGV in ESIContext response handling

An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack...

7.5CVSS7.3AI score0.23112EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2016/05/10 12:0 a.m.49 views

(Pwn2Own) Microsoft Windows win32kfull.sys Surface Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how...

6.6CVSS3.2AI score0.03663EPSS
Exploits1References1
OSV
OSV
added 2016/04/11 7:32 p.m.3 views

USN-2948-2 linux-lts-utopic regression

USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. We apologize for the inconvenience. Original advisory...

6.3AI score
Exploits0References2
OSV
OSV
added 2016/01/19 5:4 p.m.2 views

USN-2872-2 linux-lts-wily vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.2AI score0.03646EPSS
Exploits14References2
OSV
OSV
added 2016/01/19 4:59 p.m.4 views

USN-2871-2 linux-lts-vivid vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.2AI score0.03646EPSS
Exploits14References2
Rows per page
Query Builder