Lucene search
+L

182 matches found

Prion
Prion
added 2021/04/22 6:15 p.m.32 views

Race condition

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

6.9CVSS6.8AI score0.00482EPSS
Exploits1References12Affected Software3
UbuntuCve
UbuntuCve
added 2021/04/22 6:15 p.m.52 views

CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

7CVSS6.7AI score0.00482EPSS
Exploits1References11
Cvelist
Cvelist
added 2021/04/22 6:0 p.m.29 views

CVE-2021-23133 Linux Kernel sctp_destroy_sock race condition

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

6.7CVSS7.6AI score0.00482EPSS
Exploits1References12
CVE
CVE
added 2021/04/22 6:0 p.m.368 views

CVE-2021-23133

CVE-2021-23133 is a race condition in the Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8. If sctp_destroy_sock executes without sock_net(sk)->sctp.addr_wq_lock, an element is removed from the auto_asconf_splist list without proper locking, enabling a local attacker with networ...

7CVSS7.4AI score0.00482EPSS
Exploits1References12Affected Software1
Debian CVE
Debian CVE
added 2021/04/22 6:0 p.m.46 views

CVE-2021-23133

A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is removed from the...

7CVSS7.3AI score0.00482EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.31 views

FreeBSD : FreeBSD -- double free in accept_filter(9) socket configuration interface (f8e1e2a6-9791-11eb-b87a-901b0ef719ab)

An unprivileged process can configure an accept filter on a listening socket. This is done using the setsockopt2 system call. The process supplies the name of the accept filter which is to be attached to the socket, as well as a string containing filter-specific information. If the filter...

7.8CVSS7.3AI score0.00749EPSS
Exploits0References2
Prion
Prion
added 2021/04/07 3:15 p.m.21 views

Code injection

In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r369551, 11.4-STABLE before r369559, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, copy-on-write logic failed to invalidate shared memory page mappings between multiple processes allowing an unprivileged process t...

2.1CVSS5.3AI score0.00336EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/03/10 4:15 p.m.1 views

CVE-2021-0396

In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...

9.8CVSS7.8AI score0.0193EPSS
Exploits1References1
NVD
NVD
added 2021/03/10 4:15 p.m.20 views

CVE-2021-0396

In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...

9.8CVSS0.0193EPSS
Exploits1References1
Prion
Prion
added 2021/03/10 4:15 p.m.18 views

Out-of-bounds

In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...

7.5CVSS9.3AI score0.0193EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.39 views

EulerOS Virtualization 3.0.2.6 : libjpeg-turbo (EulerOS-SA-2021-1438)

According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds chec...

9.3CVSS7.3AI score0.03194EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1489)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.2AI score0.02461EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-1405)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.02461EPSS
Exploits0References2
OSV
OSV
added 2021/03/01 12:0 a.m.24 views

ASB-A-160610106

In Builtins::GenerateArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is n...

9.8CVSS9.5AI score0.0193EPSS
Exploits1References2
OSV
OSV
added 2020/10/06 7:15 p.m.2 views

CVE-2020-26603

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...

5.3CVSS7.2AI score0.00488EPSS
Exploits0References1
NVD
NVD
added 2020/10/06 7:15 p.m.17 views

CVE-2020-26603

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...

5.3CVSS0.00488EPSS
Exploits0References1
NVD
NVD
added 2020/10/06 7:15 p.m.30 views

CVE-2020-26602

An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...

7.5CVSS0.00431EPSS
Exploits0References1
Prion
Prion
added 2020/10/06 7:15 p.m.16 views

Code injection

An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...

5CVSS7.6AI score0.00431EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/06 6:36 p.m.33 views

CVE-2020-26602

An issue was discovered in EthernetNetwork on Samsung mobile devices with O8.1, P9.0, Q10.0, and R11.0 software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 October 2020...

7.6AI score0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/06 6:36 p.m.38 views

CVE-2020-26604

An issue was discovered in SystemUI on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 October 2020...

7.5AI score0.00413EPSS
Exploits0References1
Rows per page
Query Builder