Lucene search
+L

155 matches found

CNNVD
CNNVD
added 2022/06/08 12:0 a.m.37 views

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot versions prior to 2022.01, which stems from U-Boot's...

5.5CVSS7.8AI score0.00439EPSS
Exploits0References7
OSV
OSV
added 2022/02/11 6:15 p.m.7 views

AZL-8579 CVE-2022-0382 affecting package kernel for versions less than 5.15.26.1-1

An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user...

5.5CVSS7.1AI score0.00385EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/12/31 12:0 a.m.7 views

PT-2021-8042 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17-rc1 Description: The issue is related to an information leak flaw in the Linux kernel's TIPC protocol subsystem. This flaw occurs due to uninitialized memory when a user sends a TIPC datagram to one or more...

9.8CVSS7.1AI score0.67994EPSS
Exploits201References905
OSV
OSV
added 2020/12/15 1:15 a.m.18 views

CVE-2020-35471

Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500...

7.5CVSS6.8AI score
Exploits0References3
CNNVD
CNNVD
added 2020/12/14 12:0 a.m.8 views

Envoy 安全漏洞

Envoy is an open source distributed proxy server . A security vulnerability exists in versions prior to Envoy 1.16.1 that stems from incorrect handling of dropped and truncated datagrams, as evidenced by a UDP packet size greater than 1500 segmentation error. No details of the vulnerability are...

7.5CVSS7.1AI score0.02364EPSS
Exploits1References7
CNVD
CNVD
added 2020/07/03 12:0 a.m.24 views

Samba Input Validation Error Vulnerability

Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. An input validation error...

7.5CVSS9AI score0.03539EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/03/31 9:26 p.m.4 views

net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service

snmpoidcompare in snmplib/snmpapi.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

7.5CVSS7.3AI score0.04298EPSS
Exploits1References4
Cent OS
Cent OS
added 2020/02/27 10:11 p.m.129 views

ppp security update

CentOS Errata and Security Advisory CESA-2020:0631 An update for ppp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.5AI score0.19582EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2020/02/27 3:46 p.m.147 views

Important: Red Hat Security Advisory: ppp security update

An update for ppp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.5AI score0.19582EPSS
Exploits3References2
OSV
OSV
added 2020/02/27 2:59 p.m.35 views

ALSA-2020:0633 Important: ppp security update

The ppp packages contain the Point-to-Point Protocol PPP daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider ISP or other organization over a modem...

9.8CVSS9.9AI score0.19582EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.51 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1313)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.00823EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/01/21 11:18 p.m.111 views

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.04903EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/09/24 1:40 p.m.3 views

QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams

A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...

8.2CVSS7.7AI score0.00823EPSS
Exploits0References4
Veracode
Veracode
added 2019/05/16 2:50 a.m.36 views

Arbitrary Code Execution

Linux kernel is vulnerable to buffer overflow vulnerability. This is due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net in a fragment handling code in the Linux kernel. Remote attackers could execute arbitrary code via crafted...

6.8CVSS8.3AI score0.01765EPSS
Exploits0References39Affected Software2
RedHat Linux
RedHat Linux
added 2019/05/14 7:16 p.m.5 views

kernel: Buffer overflow in firewire driver via crafted incoming packets

A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net in a fragment handling code in the Linux kernel. The vulnerability exists since firewire supported IPv4, i.e. since version 2.6.31 year 2009 till...

6.8CVSS7.2AI score0.01765EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/09 11:4 a.m.11 views

QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams

A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...

8.2CVSS7.7AI score0.00823EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.58 views

EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2018-1314)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams CVE-2018-11806 - QEMU: i386: multiboot OOB access while loading kern...

8.8CVSS7.1AI score0.00823EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.40 views

EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2018-1313)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams CVE-2018-11806 - QEMU: i386: multiboot OOB access while loading kern...

8.8CVSS7.1AI score0.00823EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/09/25 7:14 p.m.6 views

QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams

A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...

8.2CVSS7.7AI score0.00823EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/05 12:0 a.m.46 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:2615-1) (Spectre)

This update for kvm fixes the following security issues : CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causing DoS bsc1098735...

8.2CVSS7.2AI score0.60631EPSS
Exploits7References10
Rows per page
Query Builder