Lucene search
+L

248 matches found

osv
osv
added 2022/04/26 1:49 p.m.37 views

RLSA-2022:1550 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 For more details about the security issues, including the impact, a CVSS score...

7.8CVSS7.9AI score0.02633EPSS
Exploits6References3
almalinux
almalinux
added 2022/04/26 1:49 p.m.82 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 For more details about the security issues, including the impact, a CVSS score...

7.8CVSS7.9AI score0.02633EPSS
Exploits6References2
rocky
rocky
added 2022/04/26 1:49 p.m.93 views

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS8AI score0.02633EPSS
Exploits6
oraclelinux
oraclelinux
added 2022/04/06 12:0 a.m.112 views

kernel security, bug fix, and enhancement update

3.10.0-1160.62.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...

7.8CVSS0.7AI score0.0031EPSS
Exploits0
prion
prion
added 2022/04/01 5:15 a.m.21 views

Design/Logic Flaw

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure...

6.4CVSS9AI score0.00817EPSS
Exploits0References1
cvelist
cvelist
added 2022/04/01 4:40 a.m.40 views

CVE-2021-35088

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure...

8.2CVSS9.3AI score0.00817EPSS
Exploits0References1
cve
cve
added 2022/04/01 4:40 a.m.161 views

CVE-2021-35088

CVE-2021-35088 : An out-of-bounds read due to improper validation of the SSID IE length during SSID IE parsing when the channel is DFS, reported for Qualcomm Snapdragon families (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables, Wired Infrastructure and Networking). Th...

9.1CVSS9AI score0.00817EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2022/04/01 12:0 a.m.6 views

PT-2022-10409 · Qualcomm · Snapdragon Connectivity +7

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Consumer IOT affected versions not specified Snapdragon Industrial IOT...

9.1CVSS8.8AI score0.00817EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/03/07 12:0 a.m.5 views

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcom...

9.1CVSS8.2AI score0.00817EPSS
Exploits0References8
rocky
rocky
added 2021/12/21 9:7 a.m.42 views

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

4.7CVSS0.9AI score0.00216EPSS
Exploits0
osv
osv
added 2021/02/16 7:35 a.m.7 views

ALBA-2021:0555 samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: DFS links broken in 4.12 BZ1903555...

7.1AI score
Exploits0
almalinux
almalinux
added 2021/02/16 7:35 a.m.17 views

samba bug fix and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fixes and Enhancements: DFS links broken in 4.12 BZ1903555...

4AI score
Exploits0
veracode
veracode
added 2020/04/10 1:8 a.m.42 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the way CIFS shares with DFS referrals at their root were handled. An attacker on the local network who is able to deploy a malicious CIFS server could create a CIFS network share that, when mounted,...

6.5CVSS1.7AI score0.00837EPSS
Exploits0References9Affected Software2
nessus
nessus
added 2020/03/24 12:0 a.m.71 views

RHEL 7 : samba (RHSA-2020:0943)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0943 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

6.5CVSS6.5AI score0.03515EPSS
Exploits0References13
ibm
ibm
added 2019/12/18 2:26 p.m.33 views

Security Bulletin: Vulnerabilities CVE-2017-12150, CVE-2017-12151 and CVE-2017-12163 in Samba affect IBM i

Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-12163 DESCRIPTION: Samba could allow a remote authenticated attacker to obtain sensitive information, caused by a memory leak over SMB1. By sending specially crafted SMB1 data, an...

7.4CVSS1.4AI score0.13334EPSS
Exploits0Affected Software1
bdu_fstec
bdu_fstec
added 2019/01/23 12:0 a.m.15 views

The vulnerability of the Samba networking communication software lies in the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. This allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the Samba networking communication package is related to the lack of requirements for signing and encrypting SMB traffic when using DFS redirection. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack and gain access to read and modi...

7.4CVSS6.6AI score0.04595EPSS
Exploits0References5Affected Software1
mskb
mskb
added 2019/01/15 12:0 a.m.6 views

January 15, 2019—KB4480976 (OS Build 17134.556)

None None...

6.1AI score
Exploits0
carbonblack
carbonblack
added 2018/09/12 7:28 p.m.79 views

Carbon Black Report: A Case Study on Threat Hunting

There are certain seminal experiences you’ll remember all your life — your first kiss, your college graduation, the smell of your favorite home-cooked meal — and then hundreds of mini-experiences that helped you reach each milestone that in short order disappeared from view. The memories you carr...

1.9AI score
Exploits0
openbugbounty
openbugbounty
added 2018/09/03 1:40 a.m.6 views

dfs-wappen.de XSS vulnerability

Open Bug Bounty ID: OBB-672286 Description| Value ---|--- Affected Website:| dfs-wappen.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
prion
prion
added 2018/07/27 12:29 p.m.33 views

Design/Logic Flaw

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the...

5.8CVSS6.9AI score0.04595EPSS
Exploits0References9Affected Software8
Rows per page
Query Builder