UBUNTU-CVE-2017-8925

The omninetopen function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service tty exhaustion by leveraging reference count mishandling...

Google Android kernel UVC driver information disclosure vulnerability

Androidon Nexus5X, etc. are the United States Google Google and the Open Handheld Alliance OHA jointly developed a set of running in the Nexus5X smartphone and Linux-based open source operating system. kernel UVC Driver one of the kernel USB Video Capture Driver. An information disclosure...

The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability in the driver/hid/hid-cp2112.c kernel of the Linux operating system exists due to improper cleaning or release of resources. Exploiting this vulnerability allows an attacker, operating locally, to trigger a service failure using unpredictable vectors, without considering that a...

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

Linux kernel denial of service vulnerability (CNVD-2017-05859)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the drivers/net/usb/pegasus.c file in versions 4.9.x of the Linux kernel prior to 4.9.11, which can be exploited by a local attacke...

CVE-2017-7306

Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...

Default credentials

DISPUTED Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor...

CVE-2017-7306

Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...

CVE-2017-7306

Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...

CVE-2017-7306

Riverbed RiOS before version 9.6.1 exposes a weak default password for the secure vault. This weakness can be exploited by physically proximate attackers who know the password algorithm and the appliance serial number, enabling defeat of the secure-vault protection mechanism. Documentation consis...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the serialexitcore function in the hw/char/serial.c file of the QEMU hardware emulation software is related to a memory leak. Exploiting this vulnerability could allow an attacker to trigger a service failure memory consumption...

kernel: double-free in usb-audio triggered by invalid USB descriptor

A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. An attacker with physical access to the system could use this flaw to escalate their privileges...

springfieldrecall.com XSS vulnerability

Open Bug Bounty ID: OBB-219714 Description| Value ---|--- Affected Website:| springfieldrecall.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

The vulnerability of the Android operating system, which allows a malicious actor to compromise data privacy

The vulnerability of the USB driver of Android devices is related to the lack of protection for sensitive data. Exploiting this vulnerability allows a malicious actor to compromise data confidentiality through a local malware application...

DEBIAN-CVE-2017-5579

Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

UBUNTU-CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

UBUNTU-CVE-2017-5579

Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

The vulnerability of the iOS operating system, which allows a hacker to execute arbitrary code

The vulnerability of the Image Capture component in the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a local attacker to execute arbitrary code using a specially created USB HID device...

How to Generate a Crashdump from an Unresponsive XenServer 7

This article describes how to generate a crashdump from an unresponsive XenServer 7. If XenServer crashes, the running kernel can migrate into a special memory area which is based on kexec functions that loads a special kernel without the need for a server cold restart. This new kernel attempts t...

Debian DSA-3791-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. - CVE-2016-6786 / CVE-2016-6787 It was discovered that the performance events subsystem does not properly manage locks during certain migrations,...