Lucene search
+L

182 matches found

Tenable Nessus
Tenable Nessus
added 2021/07/17 12:0 a.m.299 views

SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:2387-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2387-1 advisory. This update for the Linux Kernel 5.3.18-2437 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possible...

7.8CVSS6.9AI score0.00482EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.53 views

SUSE SLES12: kernel-livepatch-5_3_18-24_52-default / etc (SUSE-SU-2021:2366-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2366-1 advisory. This update for the Linux Kernel 4.12.14-12271 fixes one issue. The following security issue was fixed: - CVE-2021-23133: Fixed a race conditio...

7CVSS6.8AI score0.00482EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/07/15 12:0 a.m.275 views

SUSE SLES12: kernel-livepatch-4_12_14-197_83-default / etc (SUSE-SU-2021:2332-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2332-1 advisory. This update for the Linux Kernel 4.12.14-12263 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed ...

7.8CVSS6.9AI score0.00482EPSS
Exploits1References7
NVD
NVD
added 2021/07/14 2:15 p.m.18 views

CVE-2021-0515

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

10CVSS0.01436EPSS
Exploits0References1
NVD
NVD
added 2021/07/14 2:15 p.m.30 views

CVE-2021-0514

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

9.3CVSS0.011EPSS
Exploits0References1
Prion
Prion
added 2021/07/14 2:15 p.m.14 views

Out-of-bounds

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

10CVSS9.2AI score0.01436EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/07/14 2:15 p.m.19 views

Race condition

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

9.3CVSS8.3AI score0.011EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/14 1:43 p.m.23 views

CVE-2021-0515

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

9.5AI score0.01436EPSS
Exploits0References1
CVE
CVE
added 2021/07/14 1:43 p.m.131 views

CVE-2021-0514

CVE-2021-0514 affects the Android platform through a race condition in several functions of the V8 library, causing a use-after-free that can enable remote code execution in an unprivileged process. Exploitation is possible with network access (no user interaction required) and affects Android ve...

9.3CVSS8.3AI score0.011EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/14 1:43 p.m.27 views

CVE-2021-0514

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

8.5AI score0.011EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/07/12 12:0 a.m.57 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9349)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9349 advisory. - Bluetooth: verify AMP hcichan before ampdestroy Archie Pusaka Orabug: 32912101 CVE-2021-33034 - bluetooth: eliminate the potential race condition whe...

7.8CVSS6.8AI score0.00819EPSS
Exploits4References5
OSV
OSV
added 2021/07/01 12:0 a.m.29 views

ASB-A-167389063

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS9.6AI score0.01436EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/06/23 12:0 a.m.50 views

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5003-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5003-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free...

7.8CVSS7.1AI score0.00482EPSS
Exploits2References4
Amd
Amd
added 2021/06/12 12:0 a.m.43 views

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV)

Bulletin ID: AMD-SB-1023 Potential Impact: Loss of Integrity, Confidentiality and Availability Summary A malicious hypervisor HV along with an unprivileged process controlled by an attacker and executing in a guest VM, may maliciously control the process of flushing the Translation Lookaside Buff...

8.4CVSS8.2AI score0.00239EPSS
Exploits0
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.4 views

MalwareFox Anti-Malware 安全漏洞

MalwareFox Anti-Malware is an application from the American company MalwareFox. A malicious code detection software. A security vulnerability exists in MalwareFox AntiMalware 2.74.0.150, which allows the execution of ring 0 code to be exposed in the context of a driver, allowing an unprivileged...

7.8CVSS7.6AI score0.03371EPSS
Exploits2References2
Mageia
Mageia
added 2021/05/04 8:40 p.m.57 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.33 and fixes at least the following security issues: A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If...

7CVSS1.9AI score0.01071EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1810)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.02461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.32 views

EulerOS 2.0 SP3 : libjpeg-turbo (EulerOS-SA-2021-1810)

According to the version of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds check. This could lea...

9.3CVSS8AI score0.02461EPSS
Exploits0References2
NVD
NVD
added 2021/04/22 6:15 p.m.21 views

CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

7CVSS0.00482EPSS
Exploits1References12
OSV
OSV
added 2021/04/22 6:15 p.m.7 views

CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

7CVSS7.3AI score
Exploits0References12
Rows per page
Query Builder