Lucene search
K

10863 matches found

RedHat Linux
RedHat Linux
added 2021/03/16 1:57 p.m.1 views

kernel: out-of-bounds reads in pinctrl subsystem.

A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed...

5.5CVSS6.9AI score0.00492EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/16 1:57 p.m.8 views

kernel: use-after-free in read in vt_do_kdgkb_ioctl

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality...

4.1CVSS6.7AI score0.00434EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/03/16 1:57 p.m.3 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/03/16 1:49 p.m.4 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/03/16 9:28 a.m.4 views

kernel: performance counters race condition use-after-free

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integri...

7.8CVSS6.8AI score0.00302EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.19 views

NewStart CGSL MAIN 6.02 : bluez Vulnerability (NS-SA-2021-0072)

The remote NewStart CGSL host, running version MAIN 6.02, has bluez packages installed that are affected by a vulnerability: - Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service v...

7.1CVSS6AI score0.01033EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.232 views

EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-1386)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13...

9.8CVSS7.5AI score0.06692EPSS
Exploits11References22
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.55 views

Debian DLA-2586-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-19318, CVE-2019-19813, CVE-2019-19816 'Team bobfuzzer' reported bugs in Btrfs that could lead to a use-after-free or heap buffer overflow, and...

9.3CVSS7.4AI score0.06563EPSS
Exploits11References23
NVD
NVD
added 2021/03/09 7:15 p.m.7 views

CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

7.8CVSS0.00336EPSS
Exploits1References1
OSV
OSV
added 2021/03/09 7:15 p.m.4 views

CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

7.8CVSS6.9AI score0.00336EPSS
Exploits1References1
Prion
Prion
added 2021/03/09 7:15 p.m.11 views

Design/Logic Flaw

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

4.6CVSS7.6AI score0.00336EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/03/09 7:15 p.m.20 views

CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

7.8CVSS6.9AI score0.00336EPSS
Exploits1References2
OSV
OSV
added 2021/03/09 7:15 p.m.2 views

UBUNTU-CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

7.8CVSS6.9AI score0.00336EPSS
Exploits1References3
CVE
CVE
added 2021/03/09 6:15 p.m.175 views

CVE-2020-27225

CVE-2020-27225 affects the Eclipse Platform (versions 4.18 and earlier). The vulnerability stems from the Help Subsystem not authenticating active help requests to the local help web server, allowing a local, unauthenticated attacker to issue active help commands to the Eclipse Platform process o...

7.8CVSS7.5AI score0.00336EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/09 6:15 p.m.19 views

CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

7.6AI score0.00336EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/03/09 6:15 p.m.16 views

CVE-2020-27225

Removed by vendor...

7.8CVSS6.8AI score0.00336EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/03/09 11:15 a.m.2 views

kernel: performance counters race condition use-after-free

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integri...

7.8CVSS6.8AI score0.00302EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/09 11:15 a.m.1 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/03/09 10:24 a.m.1 views

kernel: performance counters race condition use-after-free

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integri...

7.8CVSS6.8AI score0.00302EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/03/09 9:38 a.m.2 views

kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References4
Rows per page
Query Builder