51 matches found

Tenable Nessus
added 2023/03/20 12:0 a.m. | 24 views

CBL Mariner 2.0 Security Update: heimdal / samba (CVE-2022-41916)

The version of heimdal / samba installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41916 advisory. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerab...

7.5 CVSS | 6.2 AI score | 0.00891 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2022/12/22 12:0 a.m. | 39 views

Fedora 36 : heimdal (2022-dba9ba8e2b)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dba9ba8e2b advisory. Fixes: Delay service starts until after network is online rhbz2005501 Restart services on package update will apply when updating from this release...

9.8 CVSS | 6.7 AI score | 0.06419 EPSS
Exploits: 1 | References: 7

OSV
added 2022/11/15 12:0 a.m. | 33 views

CVE-2022-41916 Read one byte past a buffer when normalizing Unicode

Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC via PKINIT and kinit via PKINIT, as well as any third-party applications using Heimdal's...

5.9 CVSS | 5.6 AI score | 0.00891 EPSS
Exploits: 0 | References: 7

OpenVAS
added 2020/01/23 12:0 a.m. | 34 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1026)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS | 7.3 AI score | 0.00643 EPSS
Exploits: 1 | References: 2

RustSec
added 2019/06/13 12:0 p.m. | 20 views

Processing of maliciously crafted length fields causes memory allocation SIGABRTs

Affected versions of this crate tried to preallocate a vector for an arbitrary amount of bytes announced by the ASN.1-DER length field without further checks. This allows an attacker to trigger a SIGABRT by creating length fields that announce more bytes than the allocator can provide. The flaw w...

7.5 CVSS | 4 AI score | 0.01382 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2019/06/13 12:0 p.m. | 25 views

RUSTSEC-2019-0007 Processing of maliciously crafted length fields causes memory allocation SIGABRTs

Affected versions of this crate tried to preallocate a vector for an arbitrary amount of bytes announced by the ASN.1-DER length field without further checks. This allows an attacker to trigger a SIGABRT by creating length fields that announce more bytes than the allocator can provide. The flaw w...

7.5 CVSS | 7.5 AI score | 0.01382 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2017/05/01 12:0 a.m. | 51 views

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this...

7.8 CVSS | 6.5 AI score | 0.00643 EPSS
Exploits: 1 | References: 4

OpenVAS
added 2016/10/05 12:0 a.m. | 53 views

Debian Security Advisory DSA 3688-1 (nss - security update)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...

9.3 CVSS | 0.6 AI score | 0.9986 EPSS
Exploits: 1 | References: 1

Hewlett-Packard
added 2016/06/01 12:0 a.m. | 41 views

HPSBHF3548 rev.2 - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER files

Potential Security Impact: System downtime, or privilege escalation. Source: HP, HP Product Security Response Team (PSRT). Reported by: HP. VULNERABILITY SUMMARY: A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local,...

7.8 CVSS | 1.2 AI score | 0.00397 EPSS
Exploits: 0

Amazon
added 2016/05/18 12:0 a.m. | 85 views

Medium: kernel

Issue Overview: The Linux kernel did not properly suppress hugetlbfs support in x86 PV guests, which could allow local PV guest users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. (CVE-2016-3961 / XSA-174) A flaw was found in the way the Linux kernel's...

7.8 CVSS | 6.6 AI score | 0.10202 EPSS
Exploits: 9

Tenable Nessus
added 2016/05/18 12:0 a.m. | 252 views

Scientific Linux Security Update : kernel on SL7.x x86_64 (20160512)

Security Fixes : - A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privilege...

7.8 CVSS | 6.3 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 39 views

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-2977-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2977-1 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

7.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2016/05/17 12:0 a.m. | 32 views

Ubuntu: Security Advisory (USN-2975-1)

The remote host is missing an update for the...

7.8 CVSS | 8.1 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 50 views

Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerability (USN-2979-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2979-3 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

7.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 46 views

Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-2975-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2975-1 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

7.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 43 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2975-2)

USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properl...

7.8 CVSS | 7.2 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 57 views

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerability (USN-2979-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2979-4 advisory. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local...

7.8 CVSS | 7.3 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 34 views

Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2978-3)

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...

7.8 CVSS | 7.2 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2016/05/17 12:0 a.m. | 51 views

Ubuntu: Security Advisory (USN-2978-1)

The remote host is missing an update for the...

7.8 CVSS | 7.8 AI score | 0.00397 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2016/05/17 12:0 a.m. | 44 views

Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-2978-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2978-2 advisory. USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

7.8 CVSS | 7.4 AI score | 0.00397 EPSS
Exploits: 0 | References: 3