Lucene search
K

2440 matches found

OSV
OSV
added 2019/03/15 10:5 p.m.11 views

USN-3910-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflushmerge mount option correctly. An attacker could use this to cause a denial of service system crash. CVE-2017-18241 It was discovered that the procfs filesystem did not properly handle processes...

6.7CVSS6.7AI score0.07291EPSS
Exploits6References6
OSV
OSV
added 2019/03/15 10:3 p.m.5 views

USN-3910-2 linux-lts-xenial, linux-aws vulnerabilities

USN-3910-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the f2fs filesystem implementation in the Linux kernel did not...

6.7CVSS6.7AI score0.07291EPSS
Exploits6References6
BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.3 views

The vulnerability of the opensc authentication package for smart cards and system USB tokens in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the opensc authentication package for smart cards and operating system USB tokens in Astra Linux is related to incorrect operation of the Rutek S drivers. Exploiting this vulnerability can allow a hacker to cause service failure...

5.5CVSS5.5AI score
Exploits0References1
The Hacker News
The Hacker News
added 2019/02/27 12:9 p.m.1 views

New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers

Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks. Known for years, Direct...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/02/25 12:0 a.m.3 views

British Airways Entertainment System Buffer Overflow Vulnerability

The British Airways Entertainment System is an in-flight audio-visual entertainment system. A security vulnerability exists in the British Airways Entertainment System installed on Boeing 777-36NER and other aircraft, which arises from a program that does not prevent the USB charge/digit transfer...

6.8CVSS6.5AI score0.0048EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/20 12:0 a.m.4 views

Intel USB 3.0 eXtensible Host Controller Driver Local Code Injection Vulnerability

Intel USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 is a USB Universal Serial Bus 3.0 eXtensible Host Controller Driver for the Windows 7 platform from Intel Corporation. Host Controller Driver for Microsoft Windows 7. A code injection vulnerability exists in the installer in...

6.7CVSS7AI score0.00511EPSS
Exploits0References1
OSV
OSV
added 2019/02/08 11:0 a.m.4 views

UBUNTU-CVE-2018-20340

Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is...

6.8CVSS7.3AI score0.00499EPSS
Exploits0References2
OSV
OSV
added 2018/12/17 7:29 a.m.10 views

AZL-34325 CVE-2018-20169 affecting package kernel for versions less than 5.15.148.2-2

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c...

6.8CVSS6.6AI score0.00586EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/11/23 12:0 a.m.5 views

PT-2018-2862 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.19.9 Description: An issue in the Linux kernel's USB subsystem mishandles size checks during the reading of an extra descriptor, related to the usb get extra descriptor function in drivers/usb/core/usb.c. This...

10CVSS7.4AI score0.93838EPSS
Exploits138References1219
OSV
OSV
added 2018/11/14 11:1 p.m.7 views

USN-3822-1 linux vulnerabilities

Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the BP and OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service guest OS crash. CVE-2016-9588 It was discovered that the generic SCSI driver in the Linux kernel did...

8.4CVSS7.2AI score0.00552EPSS
Exploits0References6
CNVD
CNVD
added 2018/10/18 12:0 a.m.3 views

Huawei cell phone information leakage vulnerability

Anne-AL00 is a smartphone from Huawei. An information disclosure vulnerability exists in the Huawei Anne-AL00 phone. An attacker connecting the phone via USB can exploit this vulnerability to obtain device-specific information about the phone due to improper privilege settings for specific comman...

2.4CVSS3.9AI score0.0023EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/09/27 12:0 a.m.6 views

September 13, 2016 — KB3189866 (OS Builds 14393.187 and 14393.189)

September 13, 2016 — KB3189866 OS Builds 14393.187 and 14393.189 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Windows Shell, map apps, Internet Explorer 11, and...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/09/04 12:0 a.m.3 views

Linux kernel elevation of privilege vulnerability (CNVD-2018-19417)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An elevation of privilege vulnerability exists in the yurexread file in drivers/usb/misc/yurex.c in versions of the Linux kernel prior to 4.17.7, which can be exploite...

7.8CVSS6.1AI score0.0044EPSS
Exploits0References1
OSV
OSV
added 2018/08/31 12:0 a.m.4 views

UBUNTU-CVE-2018-16276

An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

7.8CVSS6.7AI score0.0044EPSS
Exploits0References12
CNVD
CNVD
added 2018/08/17 12:0 a.m.3 views

Yubico-Piv Buffer Overflow Vulnerability (CNVD-2018-16943)

Yubico-Piv is a tool for interacting with YubiKey's Identity Card PIV application. A buffer overflow vulnerability exists in the 'ykpivfetchobject' function in the lib/ykpiv.c file in Yubico-Piv version 1.5.0. The vulnerability can be exploited to execute malicious code via a specially crafted US...

4.6CVSS6.2AI score0.00445EPSS
Exploits1References1
OSV
OSV
added 2018/06/12 4:29 p.m.1 views

DEBIAN-CVE-2018-5814

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets...

7CVSS7.6AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2018/04/24 4:49 a.m.4 views

USN-3631-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2017-13305 It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly...

7.8CVSS7.1AI score0.03543EPSS
Exploits1References6
OSV
OSV
added 2018/01/31 12:0 a.m.2 views

UBUNTU-CVE-2017-16914

The "stubsendretsubmit" function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service NULL pointer dereference via a specially crafted USB over IP packet...

5.9CVSS6.6AI score0.04456EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.6 views

The vulnerability of the dvb_frontend_free function (drivers/media/dvb-core/dvb_frontend.c) in the Linux kernel allows a hacker to cause a service failure or exert other effects.

The vulnerability of the dvbfrontendfree function located in the drivers/media/dvb-core/dvbfrontend.c file in the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker, operating locally, to cause service failures or other effects...

6.8CVSS7.1AI score0.00383EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.9 views

The vulnerability of the parse_hid_report_descriptor function (drivers/input/tablet/gtco.c) in the Linux operating system allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the parsehidreportdescriptor function in the Linux kernel’s drivers/input/tablet/gtco.c file arises from a read operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service failures or other effects such as...

6.8CVSS7.1AI score0.00482EPSS
Exploits0References22Affected Software1
Rows per page
Query Builder