Lucene search
K

84 matches found

OSV
OSV
added 2019/05/09 4:29 p.m.3 views

DEBIAN-CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream i...

5.9CVSS6.7AI score0.03437EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/05/09 12:0 a.m.6 views

PT-2019-12523

Name of the Vulnerable Software and Affected Versions golang.org/x/crypto versions before v0.0.0-20190320223903-b7391e95e576 Description A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystrea...

5.9CVSS6.8AI score0.03437EPSS
Exploits0References35
Debian CVE
Debian CVE
added 2019/05/09 12:0 a.m.34 views

CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream i...

5.9CVSS6AI score0.03437EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/07 12:0 a.m.89 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4316)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4316 advisory. - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack...

10CVSS7AI score0.52841EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2018/12/10 12:0 a.m.53 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4299)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4299 advisory. - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically...

7.8CVSS6.6AI score0.02179EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2018/12/10 12:0 a.m.59 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4300)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4300 advisory. - udf: Check component length before reading it Jan Kara Orabug: 21193696 CVE-2014-9728 - udf: Verify isize when loading inode Shan Hai Orabug:...

7.8CVSS6.7AI score0.01912EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.3 views

kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service

The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.4 views

kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service

The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.263 views

EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1232)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local...

7.8CVSS6.8AI score0.00561EPSS
Exploits0References4
Trellix
Trellix
added 2018/07/31 12:0 a.m.10 views

Gandcrab Ransomware Puts Pinch On Victims

ARCHIVED STORY GandCrab Ransomware Puts the Pinch on Victims By Alexandre Mundo · July 31, 2018 Update: On August 9 we added our analysis of Versions 4.2.1 and 4.3. The GandCrab ransomware first appeared in January and has been updated rapidly during its short life. It is the leading ransomware...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-3632-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.07679EPSS
Exploits10References2
OSV
OSV
added 2018/04/24 6:25 a.m.14 views

USN-3632-1 linux-azure vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10References16
Ubuntu
Ubuntu
added 2018/04/24 6:25 a.m.97 views

USN-3632-1: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.83 views

Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3632-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3632-1 advisory. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker...

7.8CVSS7.1AI score0.07679EPSS
Exploits10References16
OpenVAS
OpenVAS
added 2018/04/06 12:0 a.m.39 views

Ubuntu: Security Advisory (USN-3620-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.05233EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2018/04/05 1:23 a.m.84 views

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

10CVSS7.7AI score0.74041EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2018/04/05 12:0 a.m.47 views

Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3617-3)

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that a...

7.8CVSS6.8AI score0.07679EPSS
Exploits10References22
Tenable Nessus
Tenable Nessus
added 2018/04/05 12:0 a.m.73 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3620-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3620-1 advisory. It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A...

10CVSS7.6AI score0.05233EPSS
Exploits0References9
OSV
OSV
added 2018/04/04 7:44 p.m.11 views

USN-3620-1 linux vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

10CVSS7.2AI score0.05233EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2018/04/04 7:44 p.m.89 views

USN-3620-1: Linux kernel vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

10CVSS7.2AI score0.05233EPSS
Exploits0
Rows per page
Query Builder