Lucene search
K

322 matches found

CNVD
CNVD
added 2019/07/10 12:0 a.m.2 views

FreeBSD Privilege Permission and Access Control Issues Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in the cdrom driver in FreeBSD. An attacker can exploit this vulnerability to arbitrarily overwrite kernel memory and gain root privileges...

9CVSS7AI score0.0409EPSS
Exploits0References1
NVD
NVD
added 2019/07/03 7:15 p.m.19 views

CVE-2019-5602

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

9CVSS8.3AI score0.0409EPSS
Exploits0References2
OSV
OSV
added 2019/07/03 7:15 p.m.12 views

CVE-2019-5602

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

8.8CVSS6.6AI score0.0409EPSS
Exploits0References2
Prion
Prion
added 2019/07/03 7:15 p.m.18 views

Design/Logic Flaw

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

9CVSS8.3AI score0.0409EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/03 6:52 p.m.28 views

CVE-2019-5602

In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily overwrite kernel memory whe...

8.4AI score0.0409EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/07/03 6:52 p.m.29 views

CVE-2019-5602

Removed by vendor...

9CVSS8.8AI score0.0409EPSS
Exploits0
Veracode
Veracode
added 2019/05/16 3:18 a.m.61 views

Memory Corruption And Code Execution

Linux kernel is vulnerable to memory corruption vulnerability. The vulnerability exists in the function cdromioctlmediachanged of the file drivers/cdrom/cdrom.c. A privileged user could use an incorrect bounds check in the CDROM driver CDROMMEDIACHANGED ioctl to read out some kernel memory conten...

5.5CVSS6.4AI score0.00683EPSS
Exploits1References37Affected Software2
Veracode
Veracode
added 2019/05/02 5:41 a.m.32 views

Heap-Based Buffer Overflow

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer...

7.2CVSS7.2AI score0.01594EPSS
Exploits1References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.29 views

EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1188)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An information leak was discovered in the Linux kernel in cdromioctldrivestatus function in drivers/cdrom/cdrom.c that could be used...

6.1CVSS6.3AI score0.00552EPSS
Exploits0References2
Fedora
Fedora
added 2019/04/05 1:56 a.m.46 views

[SECURITY] Fedora 28 Update: libarchive-3.3.3-6.fc28

Libarchive is a programming library that can create and read several differ ent streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

8.8CVSS2.1AI score0.04575EPSS
Exploits1
Fedora
Fedora
added 2019/03/29 7:40 p.m.52 views

[SECURITY] Fedora 30 Update: libarchive-3.3.3-6.fc30

Libarchive is a programming library that can create and read several differ ent streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

8.8CVSS2.1AI score0.04575EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.45 views

openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...

8.4CVSS7.4AI score0.08743EPSS
Exploits8References237
Fedora
Fedora
added 2019/03/25 6:10 a.m.35 views

[SECURITY] Fedora 29 Update: libarchive-3.3.3-6.fc29

Libarchive is a programming library that can create and read several differ ent streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

8.8CVSS2.1AI score0.04575EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/02/14 12:0 a.m.65 views

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1027)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used b...

6.1CVSS6.3AI score0.00683EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/01/30 12:0 a.m.375 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13937-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-9516: In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead...

7.8CVSS6.5AI score0.01216EPSS
Exploits2References57
Cloud Foundry
Cloud Foundry
added 2019/01/24 12:0 a.m.46 views

USN-3848-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

9.8CVSS8.2AI score0.03399EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/12/28 12:0 a.m.61 views

EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1407)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c cou...

6.1CVSS6.4AI score0.00552EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/21 12:0 a.m.71 views

Ubuntu 18.10 : Linux kernel vulnerability (USN-3846-1)

It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu securi...

5.5CVSS6.6AI score0.00501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/21 12:0 a.m.53 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3847-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3847-2 advisory. USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

7.8CVSS7AI score0.00683EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2018/12/21 12:0 a.m.270 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3849-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3849-1 advisory. It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial...

7.8CVSS7AI score0.00683EPSS
Exploits2References9
Rows per page
Query Builder