Lucene search
K

153 matches found

NVD
NVD
added 2020/01/23 9:15 p.m.15 views

CVE-2019-19895

In IXP EasyInstall 6.2.13723, there is Lateral Movement using the Agent Service against other users on a client system. An authenticated attacker can, by modifying %SYSTEMDRIVE%\IXP\SW\PACKAGECODE\EveryLogon.bat, achieve this movement and execute code in the context of other users...

8.8CVSS7.9AI score0.00445EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/01/14 12:0 a.m.68 views

drm graphics drivers -- potential information disclusure via local access

Intel reports: .A potential security vulnerability in IntelR Processor Graphics may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Description: Insufficient control flow in certain data structures for some IntelR Processors with IntelR...

5.5CVSS2.5AI score0.01447EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.16 views

Fedora 30 : xen (2019-53b0dc52ee)

xen: various flaws 1685577 grant table transfer issues on large hosts XSA-284 race with pass-through device hotplug XSA-285 x86: stealpage violates pagestruct access discipline XSA-287 x86: Inconsistent PV IOMMU discipline XSA-288 missing preemption in x86 PV page table unvalidation XSA-290 x86/P...

5.5AI score
Exploits0References1
Xen Project
Xen Project
added 2019/03/05 12:0 p.m.127 views

x86: PV kernel context switch corruption

ISSUE DESCRIPTION On hardware supporting the fsgsbase feature, 64bit PV guests can set and clear the applicable control bit in its virtualised %cr4, but the feature remains fully active in hardware. Therefore, the associated instructions are actually usable. Linux, which does not currently suppor...

7.8CVSS0.3AI score0.00352EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2018/09/25 7:6 p.m.94 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.8CVSS7.5AI score0.14806EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2018/09/21 12:0 a.m.41 views

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-13093: Prevent NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. Th...

8.4CVSS7AI score0.04997EPSS
Exploits8References162
Prion
Prion
added 2018/08/20 2:29 a.m.20 views

Design/Logic Flaw

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

2.1CVSS6.3AI score0.00511EPSS
Exploits0References12Affected Software3
OSV
OSV
added 2018/08/20 2:29 a.m.11 views

CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

6.5CVSS7.3AI score
Exploits0References12
OSV
OSV
added 2018/08/20 2:29 a.m.1 views

DEBIAN-CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

6.5CVSS6.4AI score0.00511EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/08/20 2:0 a.m.30 views

CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

6.5AI score0.00511EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2018/08/20 2:0 a.m.40 views

CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

6.5CVSS7AI score0.00511EPSS
Exploits0
OSV
OSV
added 2018/08/19 12:0 a.m.2 views

UBUNTU-CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

6.5CVSS6.7AI score0.00511EPSS
Exploits0References13
OSV
OSV
added 2017/09/21 3:29 p.m.3 views

CVE-2017-8280

In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch...

7CVSS6.1AI score0.00291EPSS
Exploits0References2
Prion
Prion
added 2017/09/21 3:29 p.m.17 views

Race condition

In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch...

5.1CVSS7.2AI score0.00291EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2017/07/07 2:54 p.m.27 views

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

8CVSS5.7AI score0.01349EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/07/05 1:29 a.m.41 views

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS6.9AI score0.01349EPSS
Exploits0References2
Prion
Prion
added 2017/07/05 1:29 a.m.20 views

Design/Logic Flaw

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

5CVSS7.3AI score0.01349EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2017/07/05 1:29 a.m.21 views

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS8.4AI score0.01349EPSS
Exploits0References5
OSV
OSV
added 2017/07/05 1:29 a.m.29 views

CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS6.5AI score
Exploits0References5
OSV
OSV
added 2017/07/05 1:29 a.m.1 views

DEBIAN-CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS6.5AI score0.01349EPSS
Exploits0References1
Rows per page
Query Builder