Lucene search
+L

62 matches found

ptsecurity
ptsecurity
added 2022/11/10 12:0 a.m.12 views

PT-2022-5431 · Unknown +3 · Kubernetes +2

Name of the Vulnerable Software and Affected Versions: Kubernetes affected versions not specified Description: The issue is related to insufficient access control in Kubernetes, allowing users authorized to list or watch one type of namespaced custom resource cluster-wide to read custom resources...

8.8CVSS6.5AI score0.02607EPSS
Exploits1References40
kubernetes
kubernetes
added 2022/11/08 9:33 p.m.8 views

Unauthorized read of Custom Resources

CVSS Rating: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N A security issue was discovered in Kubernetes where users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Am I...

6.5CVSS6.6AI score0.01191EPSS
Exploits0Affected Software1
prion
prion
added 2022/09/02 12:15 p.m.22 views

Input validation

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...

4.6CVSS6.8AI score0.00186EPSS
Exploits0References1
cvelist
cvelist
added 2022/09/02 11:30 a.m.34 views

CVE-2021-35108

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...

6.8CVSS6.9AI score0.00186EPSS
Exploits0References1
cve
cve
added 2022/09/02 11:30 a.m.70 views

CVE-2021-35108

CVE-2021-35108 concerns Qualcomm/Qualcomm closed‑source components in Snapdragon Connectivity and Snapdragon Mobile. The root cause is improper checking of the AP-S lock bit when verifying secure resource group permissions, which can permit non‑secure read and write access. The CVSSv3.1 base vect...

6.8CVSS6.6AI score0.00186EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2022/09/02 12:0 a.m.5 views

PT-2022-10427 · Qualcomm · Snapdragon Mobile +1

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Connectivity and Snapdragon Mobile affected versions not specified Description: The issue concerns possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in...

6.8CVSS6.6AI score0.00186EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/06/07 12:0 a.m.6 views

Qualcomm 芯片代码问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are from time to time fabricated on the surface of semiconductor wafers. A code issue vulnerability exists in various Qualcomm products that...

6.8CVSS7.2AI score0.00186EPSS
Exploits0References4
veeam
veeam
added 2021/12/29 12:0 a.m.15 views

Restricting Veeam Backup for Microsoft Azure Permissions to Resource Group

Challenge When deploying Veeam Backup for Microsoft Azure , and initially adding the Azure account, it must have the Microsoft.Authorization//Write permissions assigned in the subscription associated with the backup appliance. After deployment, the account can then be restricted to only allow ful...

6.7AI score
Exploits0Affected Software1
mskb
mskb
added 2020/04/09 12:0 a.m.12 views

March 2016 update for Windows Server 2012 R2 clusters to fix several issues

March 2016 update for Windows Server 2012 R2 clusters to fix several issues This article describes issues in which Data Protection Manager DPM filter driver can't track changes on Cluster Shared Volumes CSV or virtual machine VM configuration resource online fails due to invalid resource state in...

6.4AI score
Exploits0
redhatcve
redhatcve
added 2019/10/01 10:52 a.m.37 views

CVE-2016-10905

A flaw was found in the resource group management of the GFS2 filesystem. A local attacker can use this flaw to cause a use-after-free error, which can be used to crash the system, corrupt memory, or escalate privileges. Mitigation At this time there is no known mitigation for this flaw, but...

7.8CVSS2.7AI score0.00581EPSS
Exploits0References3
osv
osv
added 2019/08/19 2:15 a.m.1 views

DEBIAN-CVE-2016-10905

An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry...

7.8CVSS6.7AI score0.00581EPSS
Exploits0References1
osv
osv
added 2019/08/18 12:0 a.m.6 views

UBUNTU-CVE-2016-10905

An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry...

7.8CVSS6.7AI score0.00581EPSS
Exploits0References5
nvd
nvd
added 2019/08/15 5:15 p.m.14 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.4CVSS5.3AI score0.01256EPSS
Exploits1References3
cvelist
cvelist
added 2019/08/15 4:47 p.m.20 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.3AI score0.01256EPSS
Exploits1References3
cve
cve
added 2019/08/15 4:47 p.m.47 views

CVE-2018-12101

CVE-2018-12101 affects CMS Clipper 1.3.3 with cross-site scripting in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields. The available documents do not specify the exact vulnerability type (stored vs. reflected), root cause, affected components beyond tho...

5.4CVSS5.2AI score0.01256EPSS
Exploits1References3Affected Software1
akamaiblog
akamaiblog
added 2018/09/06 4:0 a.m.14 views

Akamai India's StandTall Program

Diversity and Inclusion is a mission-critical goal at Akamai. In support of this goal, the India Learning and Development team in collaboration with the Women's Forum India employee resource group, launched an initiative that aims to foster a culture of...

6.9AI score
Exploits0
nessus
nessus
added 2016/08/24 12:0 a.m.39 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20160823)

Security Fixes : It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then...

5.8CVSS6.9AI score0.15073EPSS
Exploits3References2
bdu_fstec
bdu_fstec
added 2016/01/26 12:0 a.m.8 views

The vulnerability of Solaris Cluster software allows a hacker to trigger a service failure.

The vulnerability of the Resource Group Manager sub-component of the Solaris Cluster software is related to errors in the code. Exploiting this vulnerability can allow an attacker to cause the operating system to become unresponsive, or in rare cases, to cause a crash...

4.9CVSS7.2AI score0.00371EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2016/01/23 12:0 a.m.6 views

Denial of Service Vulnerability in Solaris Cluster Resource Group Manager Component

Solaris is a unix-based operating system. An unspecified vulnerability in the Solaris Cluster Resource Group Manager component allows local attackers to exploit the vulnerability to launch denial of service attacks...

4.9CVSS6.5AI score0.00371EPSS
Exploits0References1
osv
osv
added 2016/01/21 3:0 a.m.4 views

CVE-2016-0465

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect availability via unknown vectors related to Resource Group Manager...

5.8AI score0.00371EPSS
Exploits0References2
Rows per page
Query Builder