Lucene search
K

31 matches found

OSV
OSV
added 2026/06/08 11:1 p.m.8 views

GHSA-W573-9FFJ-6FF9 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...

4CVSS5.5AI score0.00136EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/07 9:37 a.m.12 views

CVE-1999-0062

The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage...

7.2CVSS7.1AI score0.00573EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-1999-0062

Malware in sbrugna...

7.2CVSS6.4AI score0.00573EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/26 12:0 a.m.5 views

PT-2024-3054

Name of the Vulnerable Software and Affected Versions Jetty versions prior to 9.4.54 Jetty versions prior to 10.0.20 Jetty versions prior to 11.0.20 Jetty versions prior to 12.0.6 Description The issue is related to an HTTP/2 SSL connection that is established and TCP congested, which will be...

7.8CVSS7.7AI score0.01433EPSS
Exploits0References40
RedHat Linux
RedHat Linux
added 2024/02/08 7:25 p.m.3 views

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

8.6CVSS7AI score0.18087EPSS
Exploits18References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.31 views

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2020:4676)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4676 advisory. - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - qemu/qemudriver.c in libvirt before 6.0.0...

8.8CVSS6.9AI score0.04027EPSS
Exploits2References33
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/13 7:34 p.m.48 views

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service

Summary A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an...

7.8CVSS1AI score0.77385EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.63 views

EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting informati...

8.8CVSS6.9AI score0.02294EPSS
Exploits0References5
Veracode
Veracode
added 2020/08/18 8:23 a.m.48 views

Information Disclosure

libvirt is vulnerable to information disclosure. A file descriptor for /dev/mapper/control is leaked into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host...

8.8CVSS2.1AI score0.00416EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2019/06/04 8:28 p.m.23 views

CVE-2019-12210

In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...

8.1CVSS7.9AI score0.0187EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/11/30 12:0 a.m.41 views

openSUSE Security Update : openssh (openSUSE-2018-1477)

This update for openssh fixes the following issues : Following security issues have been fixed : - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully...

5.9CVSS6.6AI score0.98631EPSS
Exploits23References4
UbuntuCve
UbuntuCve
added 2018/04/04 6:29 p.m.23 views

CVE-2018-9275

In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...

8.2CVSS6.8AI score0.01466EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open fil...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9302/info Reportedly, the Apache modphp module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a legitimate server and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.8 views

Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9471/info A vulnerability has been reported to exist in the Apache modperl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a...

7.1AI score
Exploits0
Oracle linux
Oracle linux
added 2013/10/02 12:0 a.m.22 views

xinetd security and bug fix update

2:2.3.14-19 - Correctly backport patches that fix the descriptor leakage - Related: 852274 -2:2.3.14-18 - Fix leaking file descriptors 852274 - Fix: Service disabled due to bind failure 811000 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port 788795...

4.3CVSS6.4AI score0.02779EPSS
Exploits1
securityvulns
securityvulns
added 2013/06/04 12:0 a.m.115 views

socat security vulnerabilities

Buffer overflow, file descriptor leakage...

6.2CVSS2.5AI score0.02061EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/05/17 12:0 a.m.19 views

RedHat Update for libvirt RHSA-2013:0831-01

Check for the Version of libvirt OpenVAS Vulnerability Test RedHat Update for libvirt RHSA-2013:0831-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS7AI score0.03513EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/05/17 12:0 a.m.30 views

CentOS Update for libvirt CESA-2013:0831 centos6

Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0831 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS7AI score0.03513EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/05/17 12:0 a.m.34 views

CentOS 6 : libvirt (CESA-2013:0831)

Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5CVSS7AI score0.03513EPSS
Exploits0References2
Rows per page
Query Builder