Lucene search
K

10861 matches found

Tenable Nessus
Tenable Nessus
added 2021/05/04 12:0 a.m.70 views

Oracle Linux 6 : kernel (ELSA-2021-9212)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9212 advisory. 2.6.32-754.35.1.0.3.OL6 - Fixes for RHSA-2021:1288 Orabug: 32809880 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.8CVSS6.7AI score0.02079EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2021/05/03 12:0 a.m.35 views

RHEL 7 : kpatch-patch (RHSA-2021:1377)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1377 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

8.1CVSS7.3AI score0.06563EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2021/04/28 10:54 a.m.4 views

eclipse: Help Subsystem does not authenticate active help requests

It was found that the Eclipse Platform does not authenticate requests to the Help subsystem on the local web server. A local attacker could use this vulnerability to disrupt the Eclipse user's session, potentially causing Eclipse to damage or disclose data owned by that user...

7.8CVSS5.8AI score0.00336EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/04/27 8:47 a.m.4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8CVSS6.9AI score0.02079EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/27 8:43 a.m.99 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS7AI score0.06563EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/04/27 7:25 a.m.4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8CVSS6.9AI score0.02079EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/27 6:55 a.m.124 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.8AI score0.02079EPSS
Exploits3References4
GoogleProjectZero
GoogleProjectZero
added 2021/04/22 12:0 a.m.544 views

Designing sockfuzzer, a network syscall fuzzer for XNU

Posted by Ned Williamson, Project Zero Introduction When I started my 20% project – an initiative where employees are allocated twenty-percent of their paid work time to pursue personal projects – with Project Zero, I wanted to see if I could apply the techniques I had learned fuzzing Chrome to...

9.3CVSS8.3AI score0.2201EPSS
Exploits17
OSV
OSV
added 2021/04/21 12:30 p.m.9 views

SUSE-SU-2021:1301-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem bsc1178181. - CVE-2020-36311: Fixed a denial of service...

7.8CVSS7.3AI score0.03233EPSS
Exploits3References35
CNVD
CNVD
added 2021/04/21 12:0 a.m.6 views

Linux kernel resource management error vulnerability (CNVD-2021-30592)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in versions of Linux kernel prior to 5.7, which stems from the KVM subsystem allowing out-of-scope access after deletion. No...

7.8CVSS6.4AI score0.0032EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/04/20 8:51 p.m.5 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8CVSS6.9AI score0.02079EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/20 3:36 p.m.98 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.8AI score0.02079EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2021/04/20 3:19 p.m.0 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8CVSS6.9AI score0.02079EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/20 3:19 p.m.5 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/04/20 12:59 p.m.76 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

7.8CVSS6.7AI score0.02079EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2021/04/20 12:59 p.m.6 views

kernel: performance counters race condition use-after-free

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integri...

7.8CVSS6.8AI score0.00302EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/04/20 12:0 a.m.7 views

PT-2021-6923 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.14.13 Description: The issue is related to a buffer overflow in the firewire subsystem of the Linux kernel, specifically in the drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files...

9.8CVSS7.9AI score0.93838EPSS
Exploits348References1857
Positive Technologies
Positive Technologies
added 2021/04/20 12:0 a.m.6 views

PT-2021-8007 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the use of memory after it has been freed during the registration of input/output devices in the Kernel-based Virtual Machine KVM subsystem of the Linux kernel...

7.8CVSS6.7AI score0.08555EPSS
Exploits6References1398
NVD
NVD
added 2021/04/19 4:15 p.m.13 views

CVE-2020-28141

The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page...

5.4CVSS0.00604EPSS
Exploits1References1
Prion
Prion
added 2021/04/19 4:15 p.m.12 views

Design/Logic Flaw

The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page...

3.5CVSS5.3AI score0.00604EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder