Lucene search
+L

398 matches found

Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.65 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1887-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

8.8CVSS7.2AI score0.0054EPSS
Exploits0References17
OSV
OSV
added 2020/07/10 1:49 p.m.11 views

SUSE-SU-2020:1887-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

8.8CVSS6.9AI score0.0054EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2019/11/13 12:0 a.m.38 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:2961-1)

This update for xen fixes the following issues : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945...

9.8CVSS7.4AI score0.03133EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2019/05/28 12:0 a.m.46 views

SUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

9.8CVSS7.2AI score0.04428EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2019/05/28 12:0 a.m.43 views

SUSE SLES12 Security Update : xen (SUSE-SU-2019:1349-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

9.8CVSS7.2AI score0.04428EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2019/04/05 12:0 a.m.33 views

SUSE SLED15 / SLES15 Security Update : Recommended update for xen (SUSE-SU-2019:0875-1)

This update for xen fixes the following issues : Security issues fixed : CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host, resulting in a Denial of Service DoS. XSA-282 bsc1114988 Fixed an issue which could allow malicious PV guests may cause a host crash or gain acces...

6.5CVSS6.7AI score0.00454EPSS
Exploits0References17
OSV
OSV
added 2019/04/04 1:56 p.m.6 views

SUSE-SU-2019:0875-1 Recommended update for xen

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host, resulting in a Denial of Service DoS. XSA-282 bsc1114988 - Fixed an issue which could allow malicious PV guests may cause a host crash or gain...

6.5CVSS8.2AI score0.00454EPSS
Exploits0References16
OSV
OSV
added 2019/03/23 9:56 a.m.7 views

OPENSUSE-SU-2019:0054-1 Security update for gitolite

This update for gitolite fixes the following security issue: - CVE-2018-20683: The rsync command line was not handled correctly, allow malicious rsync options boo1121570 The version update to 3.6.11 also contains a number of upstream bug fixes...

8.1CVSS8.1AI score0.02009EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/01/17 12:0 a.m.160 views

Security update for gitolite (moderate)

openSUSE Security Update: Security update for gitolite Announcement ID: openSUSE-SU-2019:0054-1 Rating: moderate References: 1121570 Cross-References: CVE-2018-20683 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now...

8.1CVSS7.9AI score0.02009EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/12/13 12:0 a.m.61 views

openSUSE Security Update : xen (openSUSE-2018-1530)

This update for xen fixes the following issues : Security issues fixed : - CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsidomsgin bsc1114423. - CVE-2018-18883: Fixed a NULL pointer dereference th...

8.8CVSS6.6AI score0.00561EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2018/12/13 12:0 a.m.47 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:4070-1)

This update for xen fixes the following issues : Security issues fixed : CVE-2018-18849: Fixed an out of bounds memory access issue was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsidomsgin bsc1114423. CVE-2018-18883: Fixed a NULL pointer dereference that...

8.8CVSS6.8AI score0.00561EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.39 views

Scientific Linux Security Update : X.org X11 on SL7.x x86_64 (20181030)

Security Fixes : - libxcursor: 1-byte heap-based overflow in XcursorThemeInherits function in library.c CVE-2015-9262 The SL Team added a fix for upstream bug 1650634 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119178;...

9.8CVSS6.9AI score0.05907EPSS
Exploits0References2
0day.today
0day.today
added 2018/10/29 12:0 a.m.77 views

systemd - chown_one() can Dereference Symlinks Exploit

Exploit for linux platform in category dos / poc I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When chownone in the recursive chown logic decides that it...

7.4AI score0.01058EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/10/26 12:0 a.m.68 views

Linux systemd Line Splitting

systemd: reexec state injection: fgets on overlong lines leads to line splitting CVE-2018-15686 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.mdsecurity-vulnerability-reports . When system...

7.6AI score0.02279EPSS
Exploits4
OPENSUSE Linux
OPENSUSE Linux
added 2018/04/21 12:6 a.m.115 views

Security update for cfitsio (important)

This update for cfitsio fixes the following issues: Security issues fixed: - CVE-2018-1000166: Unsafe use of sprintf can allow a remote unauthenticated attacker to execute arbitrary code boo1088590 This update to version 3.430 also contains a number of upstream bug fixes. The following tracked...

3.7AI score
Exploits0References2
RubySec
RubySec
added 2018/03/29 12:0 a.m.61 views

Revert libxml2 behavior in Nokogiri gem that could cause XSS

MRI Behavior in libxml2 has been reverted which caused CVE-2018-8048 loofah gem, CVE-2018-3740 sanitize gem, and CVE-2018-3741 rails-html-sanitizer gem. The commit in question is here: https://github.com/GNOME/libxml2/commit/960f0e2 and more information is available about this commit and its impa...

6.1CVSS0.7AI score0.01984EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/11/13 12:0 a.m.47 views

openSUSE Security Update : ansible (openSUSE-2017-1259)

This update for ansible to version 2.4.1.0 fixes the following vulnerabilities : - CVE-2017-7481: Security issue with lookup return not tainting the jinja2 environment bsc1038785 - CVE-2016-9587: host to controller command execution vulnerability bsc1019021 - CVE-2016-8628: Command injection by...

9.8CVSS6.8AI score0.1765EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2017/09/06 12:0 a.m.29 views

openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)

This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-12927: Cross-site scripting vulnerability in methodparameter bsc1054390 - CVE-2017-12978:Cross-site scripting vulnerability via the title field bsc1054742 It also contains a...

6.1CVSS6.3AI score0.01374EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/03/20 4:59 p.m.36 views

CVE-2015-8985

The popfailstack function in the GNU C Library aka glibc or libc6 allows context-dependent attackers to cause a denial of service assertion failure and application crash via vectors related to extended regular expression processing...

5.9CVSS6.9AI score0.03001EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/02/17 5:59 p.m.22 views

CVE-2014-9905

Multiple cross-site scripting XSS vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 title of an appointment or 2 contact fields...

6.1CVSS6.4AI score0.01223EPSS
Exploits0References1
Rows per page
Query Builder