Lucene search
K

10854 matches found

Tenable Nessus
Tenable Nessus
added 2022/03/08 12:0 a.m.91 views

Amazon Linux AMI : kernel (ALAS-2022-1571)

The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1571 advisory. Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre...

9CVSS7.2AI score0.67994EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.89 views

Debian DSA-5092-1 : linux - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5092 advisory. - In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to caus...

9CVSS7.2AI score0.88106EPSS
Exploits106References23
NVD
NVD
added 2022/03/03 11:15 p.m.17 views

CVE-2021-3640

A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...

7CVSS0.00373EPSS
Exploits1References9
OSV
OSV
added 2022/03/03 11:15 p.m.16 views

CVE-2021-3640

A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...

7CVSS7AI score0.00373EPSS
Exploits1References9
CVE
CVE
added 2022/03/03 10:4 p.m.512 views

CVE-2021-3640

The CVE-2021-3640 entry is confirmed with concrete technical details in Connected documents: a use-after-free in the Linux kernel HCI sco_sock_sendmsg() is triggered by user actions around UFFDIO_REGISTER and related race with sco_conn_del(). The flaw allows a local privileged user to crash the s...

7CVSS7.1AI score0.00373EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2022/03/03 10:4 p.m.21 views

CVE-2021-3640

A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...

7.3AI score0.00373EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2022/03/03 10:4 p.m.81 views

CVE-2021-3640

A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race condition of the call scoconndel together with the call scosocksendmsg with the expected controllable faulting memory page. A privilege...

7CVSS6.5AI score0.00373EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/03/03 7:15 p.m.5 views

CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root...

7CVSS6.4AI score0.00431EPSS
Exploits1References16
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/03 12:0 a.m.14 views

Microsoft Windows Privilege Escalation Vulnerability

A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system...

7.8CVSS6.3AI score0.07606EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/03 12:0 a.m.27 views

Microsoft Windows Privilege Escalation Vulnerability

smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges...

7.8CVSS5.1AI score0.05188EPSS
In wildExploits1
VulnCheck KEV
VulnCheck KEV
added 2022/03/03 12:0 a.m.5 views

VulnCheck KEV: CVE-2004-0210

A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system...

7.8CVSS5.8AI score0.07606EPSS
Exploits0References1
Prion
Prion
added 2022/03/02 11:15 p.m.25 views

Design/Logic Flaw

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...

7.2CVSS7.2AI score0.00353EPSS
Exploits2References1Affected Software1
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1292)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.01598EPSS
Exploits2References4
Microsoft CVE
Microsoft CVE
added 2022/03/01 8:0 a.m.2 views

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

...

7.9CVSS7.2AI score0.01751EPSS
Exploits1
Veracode
Veracode
added 2022/02/26 1:20 a.m.29 views

Denial Of Service (DoS)

intel-microcode is vulnerable to denial of service. An attacker can crash the application through the out of bounds read under complex microarchitectural condition in memory subsystem for some Intel AtomR Processors...

5.4CVSS4.6AI score0.01001EPSS
Exploits0References2Affected Software4
Tenable Nessus
Tenable Nessus
added 2022/02/26 12:0 a.m.45 views

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2022:0575-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0575-1 advisory. Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors...

6.8CVSS6.5AI score0.01001EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2022/02/26 12:0 a.m.26 views

CentOS: Security Advisory for bpftool (CESA-2022:0620)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.9CVSS7.4AI score0.02579EPSS
Exploits6References4
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.7 views

The vulnerability of the UDF subsystem in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the UDF subsystem in Linux operating systems is related to the assignment of zero pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.1CVSS6.6AI score0.00502EPSS
Exploits1References13Affected Software4
Tenable Nessus
Tenable Nessus
added 2022/02/24 12:0 a.m.65 views

Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:0620)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0620-1 advisory. - kernel: use after free in eventpoll.c may lead to escalation of privilege CVE-2020-0466 - kernel: Use After Free in unixgc which could result i...

7.9CVSS6.8AI score0.02579EPSS
Exploits6References10
OpenVAS
OpenVAS
added 2022/02/23 12:0 a.m.41 views

Ubuntu: Security Advisory (USN-5298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.05918EPSS
Exploits8References4
Rows per page
Query Builder