Lucene search
K

186 matches found

ClickHouse
ClickHouse
added 2019/09/10 12:0 a.m.10 views

CVE-2019-16536

Stack overflow leading to DoS can be triggered by a malicious authenticated client. Eldar Zaitov of Yandex Information Security Team...

8.8CVSS5.4AI score0.00749EPSS
Exploits0
Veracode
Veracode
added 2019/05/02 5:5 a.m.26 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS6.7AI score0.03379EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2019/05/02 5:5 a.m.25 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS7.9AI score0.04373EPSS
Exploits0References17Affected Software1
Veracode
Veracode
added 2019/05/02 5:5 a.m.20 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS7.9AI score0.04299EPSS
Exploits0References14Affected Software1
Veracode
Veracode
added 2019/05/02 5:5 a.m.34 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS5.4AI score0.04378EPSS
Exploits0References17Affected Software1
Veracode
Veracode
added 2019/05/02 5:5 a.m.20 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS7.9AI score0.04373EPSS
Exploits0References17Affected Software1
Veracode
Veracode
added 2019/05/02 5:5 a.m.21 views

Arbitrary Code Execution

X.Org server is vulnerable to arbitrary code execution. Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

6.5CVSS7.8AI score0.04373EPSS
Exploits0References18Affected Software1
Oracle linux
Oracle linux
added 2018/11/08 12:0 a.m.650 views

spice-server security update

0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer overflow Resolves: rhbz1596008...

8.8CVSS4.9AI score0.04204EPSS
Exploits0
Prion
Prion
added 2018/06/20 6:29 p.m.16 views

Privilege escalation

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

6.5CVSS8.7AI score0.01284EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2018/06/20 6:29 p.m.17 views

CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

8.8CVSS7.7AI score0.01284EPSS
Exploits0References6
OSV
OSV
added 2018/06/20 6:29 p.m.28 views

CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

8.8CVSS9AI score0.01284EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2018/06/20 6:29 p.m.34 views

CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

8.8CVSS6.9AI score0.01284EPSS
Exploits0References5
OSV
OSV
added 2018/06/20 6:29 p.m.4 views

UBUNTU-CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

8.8CVSS6.8AI score0.01284EPSS
Exploits0References6
CVE
CVE
added 2018/06/20 6:0 p.m.119 views

CVE-2018-10841

GlusterFS on server nodes is vulnerable to privilege escalation via an authenticated TLS client that uses gluster CLI --remote-host to add itself to the trusted storage pool and perform privileged operations (e.g., managing volumes). The description specifies the root cause as a trust-pool escala...

8.8CVSS8.6AI score0.01284EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2018/06/20 6:0 p.m.29 views

CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

6.6CVSS8.7AI score0.01284EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2018/06/20 6:0 p.m.52 views

CVE-2018-10841

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...

8.8CVSS7.8AI score0.01284EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2018/06/20 12:0 a.m.3 views

PT-2018-10135 · Red Hat +2 · Glusterfs +2

Name of the Vulnerable Software and Affected Versions: glusterfs affected versions not specified Description: The issue allows for privilege escalation on gluster server nodes. An authenticated gluster client using TLS can exploit this by utilizing the gluster cli with the --remote-host command...

8.8CVSS6.7AI score0.05374EPSS
Exploits1References70
Tenable Nessus
Tenable Nessus
added 2017/08/16 12:0 a.m.41 views

FreeBSD : Supervisord -- An authenticated client can run arbitrary shell commands via malicious XML-RPC requests (c9460380-81e3-11e7-93af-005056925db4)

mnaberez reports : supervisord can be configured to run an HTTP server on a TCP socket and/or a Unix domain socket. The HTTP server is how supervisorctl communicates with supervisord. If an HTTP server has been enabled, it will always serve both HTML pages and an XML-RPC interface. A vulnerabilit...

9CVSS7.8AI score0.87544EPSS
Exploits10References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:9 p.m.5 views

samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

6.8CVSS5.7AI score0.04189EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2017/08/01 7:46 a.m.13 views

samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

6.8CVSS5.7AI score0.04189EPSS
Exploits1References4
Rows per page
Query Builder