Lucene search
K

10852 matches found

OSV
OSV
added 2022/03/22 6:27 a.m.10 views

USN-5337-1 linux, linux-aws, linux-aws-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle, linux-raspi vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 Yiqi Sun and Kevin Wang discovered that the cgrou...

9.1CVSS7AI score0.67994EPSS
Exploits26References22
OpenVAS
OpenVAS
added 2022/03/21 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1328)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.03615EPSS
Exploits2References4
OSV
OSV
added 2022/03/18 12:24 a.m.10 views

GSD-2022-1000855 configfs: fix a race in configfs_{,un}register_subsystem()

configfs: fix a race in configfs,unregistersubsystem This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.103 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/16 3:15 p.m.1 views

DEBIAN-CVE-2021-39686

In several functions of binder.c, there is a possible way to represent the wrong domain to SELinux due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7CVSS7.6AI score0.00145EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2022/03/16 2:4 p.m.81 views

CVE-2021-39685

In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.5AI score0.00461EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2022/03/16 12:0 a.m.4 views

The compatibility subsystem for running Linux applications allows the Windows Subsystem for Linux (WSL), a operating system from Microsoft Windows, to be utilized by attackers to increase their privileges.

The vulnerability of the compatibility subsystem for running Linux applications, namely the Windows Subsystem for Linux WSL of the Microsoft operating system, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.1AI score0.00445EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/16 12:0 a.m.4 views

The vulnerability of the Redirected Drive Buffering Subsystem in the operating system of Microsoft Windows allows a hacker to disclose protected information.

The vulnerability of the Redirected Drive Buffering Subsystem in the Microsoft Windows operating system is related to information disclosure. Exploiting this vulnerability can allow attackers to disclose protected information...

5.5CVSS6.2AI score0.0074EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.13 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in iOS 15.4 and iPadOS versions prior to 15.4, which arises from an issue with...

7.8CVSS7.3AI score0.08067EPSS
Exploits0References7
OSV
OSV
added 2022/03/10 5:44 p.m.9 views

AZL-8996 CVE-2022-0433 affecting package kernel for versions less than 5.15.37.1-2

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1...

5.5CVSS6.7AI score0.00281EPSS
Exploits0References1
Prion
Prion
added 2022/03/10 5:44 p.m.19 views

Null pointer dereference

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1...

4.9CVSS5AI score0.00281EPSS
Exploits0References3Affected Software2
UbuntuCve
UbuntuCve
added 2022/03/10 5:44 p.m.53 views

CVE-2022-0433

A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the mapgetnextkey function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1...

5.5CVSS6.7AI score0.00281EPSS
Exploits0References2
OSV
OSV
added 2022/03/10 5:42 p.m.10 views

CVE-2021-3732

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible...

5.5CVSS7.9AI score0.00326EPSS
Exploits0References4
Cloud Foundry
Cloud Foundry
added 2022/03/10 12:0 a.m.47 views

USN-5267-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute...

7.9CVSS7.8AI score0.01751EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2022/03/10 12:0 a.m.23 views

Debian: Security Advisory (DSA-5095-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.05528EPSS
Exploits21References4
CVE
CVE
added 2022/03/09 4:32 p.m.126 views

CVE-2022-0433

CVE-2022-0433 is a local denial-of-service vulnerability in the Linux kernel’s BPF subsystem. The issue is a NULL pointer dereference in the map_get_next_key function of the BPF bloom filter, allowing a local user to crash the system. Affected software: Linux kernel versions prior to 5.17-rc1. Ro...

5.5CVSS5AI score0.00281EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/09 12:0 a.m.7 views

PT-2022-14301 · Mediatek +1 · Mt6580 +1

Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned, so the information cannot be accurately provided. Description: The issue is related to a possible AT command injection in the ims service due to a missing permission check. This could lead ...

7.8CVSS7.8AI score0.00209EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/09 12:0 a.m.171 views

Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-067-01)

The version of kernel-generic installed on the remote host is prior to 5.15.27 / 5.15.27smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-067-01 advisory. - A use-after-free vulnerability was found in rtsxusbmsdrvremove in drivers/memstick/host/rtsxusbms.c ...

9CVSS7AI score0.88106EPSS
Exploits120References8
OpenVAS
OpenVAS
added 2022/03/08 12:0 a.m.38 views

Debian: Security Advisory (DSA-5092-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.3AI score0.88106EPSS
Exploits106References6
Tenable Nessus
Tenable Nessus
added 2022/03/08 12:0 a.m.91 views

Amazon Linux AMI : kernel (ALAS-2022-1571)

The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1571 advisory. Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre...

9CVSS7.2AI score0.67994EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.89 views

Debian DSA-5092-1 : linux - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5092 advisory. - In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to caus...

9CVSS7.2AI score0.88106EPSS
Exploits106References23
Rows per page
Query Builder