Lucene search
K

10861 matches found

CNVD
CNVD
added 2021/05/28 12:0 a.m.11 views

Apple macOS Big Sur Input Validation Error Vulnerability

Apple macOS Big Sur is a mobile application app from Apple USA. The macOS Big Sur vulnerability is an input validation error vulnerability that arises from a failure to adequately validate user-supplied input within the TCC subsystem, which could allow a malicious application to bypass privacy...

7.8CVSS6.4AI score0.0658EPSS
Exploits0References1
OSV
OSV
added 2021/05/27 7:15 p.m.4 views

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rhfeatures file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to...

5.5CVSS6.7AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.2 views

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. macOS is vulnerable to a privilege-granting and access-control issue, which arises from an application that does not properly impose security restrictions within the AMD subsystem. A remote attacker could...

9.8CVSS7.5AI score0.03202EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.4 views

Apple macOS 输入验证错误漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. Apple macOS is vulnerable to an input validation error vulnerability that exists due to a symbolic link issue in the Core Services subsystem, which allows a local user to create specially crafted symbolic lin...

9.3CVSS6.8AI score0.00995EPSS
Exploits0References10
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.3 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple, Inc. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in the audio subsystem. A remote attacker could exploit the vulnerability could create a specially crafted audio file, trick a victim into opening i...

5.5CVSS6.5AI score0.0085EPSS
Exploits0References11
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.6 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. Apple tvOS suffers from a buffer error vulnerability that stems from a boundary condition in the coreaudio subsystem. A remote attacker could use this vulnerability to create a specially crafted audio file, tric...

5.5CVSS6.6AI score0.00836EPSS
Exploits0References11
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.5 views

Apple tvOS 输入验证错误漏洞

Apple tvOS is a smart TV operating system from Apple, Inc. tvOS suffers from an input validation error vulnerability that originates from insufficient user-supplied input validation in the operating system kernel subsystem. A remote attacker could exploit this vulnerability to send a specially...

7.5CVSS6.8AI score0.01651EPSS
Exploits0References10
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.6 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple, Inc. tvOS suffers from a buffer error vulnerability that stems from a boundary error in the audio subsystem. A remote attacker could exploit the vulnerability to create a specially crafted audio file, trick the victim into opening it,...

8.8CVSS7.9AI score0.01802EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/05/20 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-4945-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01316EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/05/19 5:48 a.m.160 views

USN-4945-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau G...

8.8CVSS6.5AI score0.01316EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2021/05/19 12:24 a.m.36 views

CVE-2019-25044

A flaw was found in the Linux kernel. The block subsystem has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8CVSS3.6AI score0.00645EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/05/19 12:0 a.m.70 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-4945-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4945-2 advisory. USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux...

8.8CVSS6.6AI score0.01316EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2021/05/18 4:7 p.m.2 views

kernel: use-after-free in kernel midi subsystem

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

7.8CVSS7.3AI score0.01659EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.5 views

kernel: Use After Free vulnerability in cgroup BPF component

A use-after-free flaw was found in the Linux kernel’s cgroupv2 subsystem when rebooting the system. This flaw allows a local user to crash the system or escalate their privileges. The highest threat from this vulnerability is to system availability...

7.8CVSS7AI score0.00965EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.1 views

kernel: perf_event_parse_addr_filter memory

A memory leak flaw was found in the Linux kernel’s performance monitoring subsystem when using PERFEVENTIOCSETFILTER. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability...

5.5CVSS7.1AI score0.00348EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.1 views

kernel: possible out of bounds write in kbd_keycode of keyboard.c

A flaw out of bounds write in the Linux kernel human interface devices subsystem was found in the way user calls find key code by index. A local user could use this flaw to crash the system or escalate privileges on the system...

6.7CVSS7.1AI score0.00223EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.3 views

kernel: use-after-free in kernel midi subsystem

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

7.8CVSS7.3AI score0.01659EPSS
Exploits2References5
OSV
OSV
added 2021/05/18 5:33 a.m.56 views

ALSA-2021:1578 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c CVE-2019-18811 kernel: use-after-free caused by a...

7.8CVSS8.5AI score0.03292EPSS
Exploits6References26
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.65 views

openSUSE Security Update : the Linux Kernel (openSUSE-2021-716)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2021-29650: The netfilter subsystem allowed attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a...

5.5CVSS7AI score0.01071EPSS
Exploits0References59
OSV
OSV
added 2021/05/14 11:15 p.m.21 views

CVE-2019-25044

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...

7.8CVSS7.7AI score0.00645EPSS
Exploits1References5
Rows per page
Query Builder