Lucene search
+L

133 matches found

OpenVAS
OpenVAS
added 2022/05/20 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:1757-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.01005EPSS
Exploits3References4
OSV
OSV
added 2022/05/16 8:4 a.m.9 views

SUSE-SU-2022:1669-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29156: Fixed a double free related to rtrscltdevrelease bnc1198515. - CVE-2022-28893: Ensuring that sockets are in the intended state inside the SUNR...

8.8CVSS7.9AI score0.01206EPSS
Exploits5References62
Rapid7 Blog
Rapid7 Blog
added 2022/04/29 8:9 p.m.61 views

Metasploit Wrap-Up

Redis Sandbox Escape Our very own Jake Baines wrote a module that performs a sandbox escape on Redis versions between 5.0.0 and 6.1.0 and achieves remote code execution as the redis user. Redis installations can be password protected, so this module supports exploiting the vulnerability with and...

10CVSS1.5AI score0.9967EPSS
Exploits10
OSV
OSV
added 2022/04/07 3:4 p.m.6 views

SUSE-SU-2022:1127-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR bsc1197903: MFSA 2022-14 bsc1197903 CVE-2022-1097: Fixed memory safety violations that could occur when PKCS11 tokens are removed while in use CVE-2022-28281: Fixed an out of bounds write due to...

8.8CVSS7.7AI score0.1446EPSS
Exploits7References11
Rapid7 Blog
Rapid7 Blog
added 2022/02/25 9:48 p.m.244 views

Metasploit Weekly Wrap-Up

Exchange RCE Exchange remote code execution vulnerabilities are always valuable exploits to have. This week Metasploit added an exploit for an authenticated RCE in Microsoft Exchange servers 2016 and server 2019 identified as CVE-2021-42321. The flaw leveraged by the exploit exists in a...

6.5CVSS9.1AI score0.90388EPSS
Exploits9
OSV
OSV
added 2022/02/10 4:40 p.m.8 views

SUSE-SU-2022:0366-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input bsc1195254. - CVE-2022-0330: Fixed flush TLBs befor...

7.8CVSS8.5AI score0.07709EPSS
Exploits14References78
OSV
OSV
added 2022/02/02 9:2 a.m.16 views

SUSE-SU-2022:0289-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-4083: Fixed race condition in Unix domain socket garbage collection that could lead to read memory after free bsc1193727. - CVE-2021-4135: Fixed an...

8.4CVSS7.1AI score0.25151EPSS
Exploits15References30
OSV
OSV
added 2022/01/25 4:47 p.m.10 views

SUSE-SU-2022:0181-1 Security update for the Linux Kernel

The SUSE MicroOS 5.0 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-4001: Fixed a race condition when the EBPF map is frozen. bsc1192990 - CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in...

6.7CVSS7.7AI score0.00643EPSS
Exploits2References63
OSV
OSV
added 2022/01/19 4:31 p.m.11 views

SUSE-SU-2022:0131-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past jscSLE-22573 You can reenable via systemctl setting /proc/sys/kernel/unprivilegedbpfdisabled to 0...

7.5CVSS7.8AI score0.03585EPSS
Exploits2References88
OSV
OSV
added 2022/01/14 11:7 a.m.9 views

SUSE-SU-2022:0079-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-24504: Fixed an uncontrolled resource consumption in some IntelR Ethernet E810 Adapter drivers that may have allowed an authenticated user to...

7.5CVSS7.8AI score0.03585EPSS
Exploits2References87
OSV
OSV
added 2022/01/11 3:21 p.m.9 views

SUSE-SU-2022:0056-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source addresses. bsc1194094 - CVE-2021-45486: Fixed an information leak because the hash table is very...

7.5CVSS7.8AI score0.03585EPSS
Exploits2References91
OSV
OSV
added 2021/10/12 3:9 p.m.10 views

SUSE-SU-2021:3387-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a...

7.9CVSS7.5AI score0.01736EPSS
Exploits2References68
Openbugbounty
Openbugbounty
added 2021/10/03 9:33 a.m.36 views

All Vulnerabilities for cbinsights.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cbinsights.com ---|--- Open Bug Bounty...

6.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/08/20 7:12 p.m.280 views

Metasploit Wrap-Up

Anyone enjoy making chains? The community is hard at work building chains to pull sessions out of vulnerable Exchange servers. This week Rapid7's own wvu & Spencer McIntyre added a module that implements the ProxyShell exploit chain originally demonstrated by Orange Tsai. The module also benefite...

10CVSS0.2AI score0.99999EPSS
Exploits23
OSV
OSV
added 2021/08/17 11:25 a.m.9 views

SUSE-SU-2021:2756-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3659: Fixed a NULL pointer dereference in llseckeyalloc in net/mac802154/llsec.c bsc1188876. - CVE-2021-21781: Fixed a information disclosure...

8.7CVSS7.5AI score0.0066EPSS
Exploits3References46
OSV
OSV
added 2021/07/22 6:35 a.m.12 views

OPENSUSE-SU-2021:1076-1 Security update for the Linux Kernel

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write affecting Linux was discovered in net/netfilter/xtables.c bnc1188116. - CVE-2021-33909: fs/seqfile.c did not properly restrict s...

8.3CVSS8.2AI score0.78684EPSS
Exploits28References35
OSV
OSV
added 2021/07/20 12:40 p.m.10 views

SUSE-SU-2021:2406-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/xtables.c that could allow local provilege escalation. bsc1188116 - CVE-2021-33909: Fixed an...

8.3CVSS7.8AI score0.78684EPSS
Exploits36References45
OSV
OSV
added 2021/06/15 11:4 a.m.6 views

SUSE-SU-2021:1975-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes ...

9.8CVSS9.1AI score0.27477EPSS
Exploits21References355
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2015:0167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.06564EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2017:3265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.6AI score0.20797EPSS
Exploits26References76
Rows per page
Query Builder