Lucene search
K

49 matches found

Debian CVE
Debian CVE
added 2024/06/19 1:35 p.m.12 views

CVE-2024-38560

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...

7.1CVSS6AI score0.00265EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/09/20 6:30 p.m.29 views

Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not require POST requests for an HTTP endpoint, resulting in cross-site request forgery CSRF vulnerabilities. This vulnerability allows attackers to delete Failure Causes. Build Failure Analyzer Plugin 2.4.2 requires POST requests for t...

4.3CVSS6.7AI score0.00339EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.2 views

SUSE CVE-2010-4343

drivers/scsi/bfa/bfacore.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service system crash via read operations on an fchost statistics file...

5.5CVSS6.1AI score0.00391EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2022/12/20 8:5 p.m.7 views

bfa-istif.cn Cross Site Scripting vulnerability OBB-3111344

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/09/12 11:3 a.m.11 views

bfa-istif.net Cross Site Scripting vulnerability OBB-2915176

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/10/12 9:3 a.m.5 views

bfa-it.com Cross Site Scripting vulnerability OBB-1400460

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Veracode
Veracode
added 2020/04/10 12:55 a.m.23 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the...

5.5CVSS3.7AI score0.00391EPSS
Exploits0References17Affected Software1
Ubuntu
Ubuntu
added 2020/03/25 3:12 a.m.202 views

USN-4302-1: Linux kernel vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

6.8CVSS6.5AI score0.02745EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/03/25 1:39 a.m.182 views

USN-4301-1: Linux kernel vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information read memor...

7.8CVSS6.4AI score0.03286EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/03/25 1:13 a.m.160 views

USN-4300-1: Linux kernel vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information read memor...

7.8CVSS6.5AI score0.03286EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/03/18 12:0 a.m.228 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4302-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4302-1 advisory. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the...

6.8CVSS6.6AI score0.02745EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2020/03/18 12:0 a.m.55 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4300-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4300-1 advisory. It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations...

7.8CVSS6.8AI score0.03286EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2020/03/17 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-4301-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.03286EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/02/18 8:58 p.m.120 views

USN-4286-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/02/18 8:34 p.m.127 views

USN-4286-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
OSV
OSV
added 2019/11/18 6:15 a.m.3 views

UBUNTU-CVE-2019-19066

A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering bfaportgetstats failures, aka CID-0e62395da2bd...

4.7CVSS6.7AI score0.00452EPSS
Exploits0References8
CNVD
CNVD
added 2019/11/18 12:0 a.m.2 views

Linux kernel memory leak vulnerability (CNVD-2019-41260)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in Linux kernel 5.3....

4.7CVSS7.7AI score0.00452EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/02/24 3:54 p.m.12 views

finance.emploi-bfa.fr XSS vulnerability

Open Bug Bounty ID: OBB-567524 Description| Value ---|--- Affected Website:| finance.emploi-bfa.fr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosu...

6.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/02/14 12:0 a.m.43 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-246)

The openSUSE Leap 42.1 kernel to 4.1.38 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7117: Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors...

10CVSS7.2AI score0.24299EPSS
Exploits8References29
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.53 views

OracleVM 2.1 : kernel (OVMSA-2009-0023)

The remote OracleVM system is missing necessary patches to address critical security updates : - backport for online resize of blockdev orabug 8585251 rh bugz 444964 - CVE-2009-2692 - net make socksendpage use kernelsendpage Jiri Pirko 517445 516955 - CVE-2009-2698 - net prevent null pointer...

7.8CVSS6.3AI score0.14749EPSS
Exploits34References3
Rows per page
Query Builder