5094 matches found

RedHat Linux
added 2021/04/27 7:25 a.m. | 4 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8 CVSS | 6.9 AI score | 0.02079 EPSS
Exploits: 1 | References: 5

RedHat Linux
added 2021/04/27 6:55 a.m. | 9 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

7.8 CVSS | 6.9 AI score | 0.02079 EPSS
Exploits: 1 | References: 5

RedHat Linux
added 2021/04/27 6:55 a.m. | 5 views

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

7.1 CVSS | 6.7 AI score | 0.00957 EPSS
Exploits: 1 | References: 4

OSV
added 2021/04/26 3:15 p.m. | 2 views

ALPINE-CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS | 6.5 AI score | 0.0105 EPSS
Exploits: 0 | References: 1

OSV
added 2021/04/26 3:15 p.m. | 23 views

CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS | 6.3 AI score
Exploits: 0 | References: 14

NVD
added 2021/04/26 3:15 p.m. | 18 views

CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS | 0.0105 EPSS
Exploits: 0 | References: 14

Prion
added 2021/04/26 3:15 p.m. | 21 views

Integer overflow

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.2 CVSS | 7.2 AI score | 0.0105 EPSS
Exploits: 0 | References: 14 | Affected Software: 4

Cvelist
added 2021/04/26 2:29 p.m. | 20 views

CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.6 AI score | 0.0105 EPSS
Exploits: 0 | References: 14

CVE
added 2021/04/26 2:29 p.m. | 264 views

CVE-2021-3472

CVE-2021-3472 affects xorg-x11-server and related packages in versions before 1.20.11. The root cause is an integer underflow in the X server component (notably XChangeFeedbackControl) that can lead to local privilege escalation, with potential impact to confidentiality, integrity, and availabi...

7.8 CVSS | 7.3 AI score | 0.0105 EPSS
Exploits: 0 | References: 14 | Affected Software: 1

AlpineLinux
added 2021/04/26 2:29 p.m. | 45 views

CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS | 7.5 AI score | 0.0105 EPSS
Exploits: 0

Debian CVE
added 2021/04/26 2:29 p.m. | 24 views

CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS | 4.4 AI score | 0.0105 EPSS
Exploits: 0

RedHat Linux
added 2021/04/26 5:52 a.m. | 3 views

XStream: Unsafe deserialization of com.sun.org.apache.bcel.internal.util.ClassLoader

A flaw was found in xstream. A remote attacker may be able to execute arbitrary code only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8 CVSS | 7.6 AI score | 0.15234 EPSS
Exploits: 1 | References: 4

RedHat Linux
added 2021/04/26 5:52 a.m. | 5 views

XStream: Unsafe deserialization of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator

A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8 CVSS | 7.6 AI score | 0.14301 EPSS
Exploits: 1 | References: 4

RedHat Linux
added 2021/04/26 5:52 a.m. | 1 view

XStream: Unsafe deserialization of sun.swing.SwingLazyValue

A flaw was found in xstream. A remote attacker can load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8 CVSS | 7.7 AI score | 0.76367 EPSS
Exploits: 1 | References: 4

RedHat Linux
added 2021/04/26 5:52 a.m. | 4 views

XStream: Unsafe deserialization of com.sun.corba.se.impl.activation.ServerTableEntry

A flaw was found in xstream. A remote attacker, who has sufficient rights, can execute commands of the host by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.9 CVSS | 7.5 AI score | 0.72324 EPSS
Exploits: 1 | References: 4

RedhatCVE
added 2021/04/23 7:43 p.m. | 28 views

CVE-2021-31607

A flaw was found in Salt. A command injection vulnerability occurs in the snapper module that allows local privilege escalation on a minion. This attack requires the creation of a file with a pathname that is backed up by snapper, with the master calling the snapper.diff function. Snapper.diff...

7.8 CVSS | 4.5 AI score | 0.03808 EPSS
Exploits: 1 | References: 3

RedhatCVE
added 2021/04/23 7:43 p.m. | 34 views

CVE-2021-31597

A flaw was found in xmlhttprequest-ssl for Node.js. SSL certificate validation is disabled by default: when the rejectUnauthorized property exists but is undefined, it is treated as false within the https.request function of Node.js, so no certificate is ever rejected. The highest...

9.4 CVSS | 2.2 AI score | 0.02056 EPSS
Exploits: 1 | References: 3

RedHat Linux
added 2021/04/22 9:3 a.m. | 3 views

envoyproxy/envoy: integer overflow handling large grpc-timeouts

A flaw was found in envoyproxy/envoy. An attacker, able to craft a packet which specifies a large grpc-timeout, can potentially cause envoy to incorrectly calculate the timeouts resulting in a denial of service. The highest threat from this vulnerability is to system availability...

7.5 CVSS | 5.7 AI score | 0.0204 EPSS
Exploits: 1 | References: 5

RedHat Linux
added 2021/04/22 9:1 a.m. | 3 views

envoyproxy/envoy: integer overflow handling large grpc-timeouts

A flaw was found in envoyproxy/envoy. An attacker, able to craft a packet which specifies a large grpc-timeout, can potentially cause envoy to incorrectly calculate the timeouts resulting in a denial of service. The highest threat from this vulnerability is to system availability...

7.5 CVSS | 5.7 AI score | 0.0204 EPSS
Exploits: 1 | References: 5

Tenable Nessus
added 2021/04/22 12:0 a.m. | 82 views

Amazon Linux 2 : nettle (ALAS-2021-1629)

The version of nettle installed on the remote host is prior to 2.7.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1629 advisory. A flaw was found in Nettle, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Cur...

8.1 CVSS | 6.4 AI score | 0.01607 EPSS
Exploits: 0 | References: 3