Lucene search
K

141 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-18551

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2csmbusxferemulated...

4.7CVSS6.9AI score0.00417EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.6 views

SUSE CVE-2018-12892

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...

5.5CVSS6.7AI score0.02554EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.2 views

SUSE CVE-2019-19332

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device...

6.7CVSS7.2AI score0.00679EPSS
Exploits1References15
GithubExploit
GithubExploit
added 2022/09/02 7:46 a.m.530 views

Exploit for Code Injection in Combodo Itop

iTop RCE via SSTI - CVE-2022-24780 exploit iTop --debu...

8.8CVSS8.8AI score0.05341EPSS
Exploits4
OSV
OSV
added 2022/06/08 4:15 p.m.4 views

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

4.6CVSS5.9AI score0.00316EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/06/08 4:15 p.m.3 views

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

4.6CVSS6AI score0.00316EPSS
Exploits1References7
NVD
NVD
added 2022/06/08 4:15 p.m.20 views

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

4.6CVSS0.00316EPSS
Exploits1References6
Prion
Prion
added 2022/06/08 4:15 p.m.27 views

Input validation

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

2.1CVSS4.6AI score0.00316EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2022/06/08 3:39 p.m.67 views

CVE-2022-28385

Affected products: Verbatim Executive Fingerprint Secure SSD GDMSFE01-INI3637-C VER1.1 and Fingerprint Secure Portable Hard Drive (Part Number #53650). Root cause: missing integrity checks allow manipulation of the ISO-9660 image stored in hidden USB drive sectors that backs the emulated CD-ROM c...

4.6CVSS4.5AI score0.00316EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2022/06/08 3:39 p.m.23 views

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

4.9AI score0.00316EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.4 views

Verbatim Keypad Secure USB Drive 数据伪造问题漏洞

The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from Verbatim, a Chinese company. A security vulnerability in the Verbatim Keypad Secure USB Drive, which stems from a lack of integrity checking, can be exploited by an attacker to store and execute malware on an emulat...

4.6CVSS5.3AI score0.00316EPSS
Exploits1References11
OSV
OSV
added 2022/04/11 3:43 p.m.5 views

SUSE-SU-2022:1151-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2021-20196: Fixed a denial of service in the floppy disk emulator bsc1181361. - CVE-2021-3930: Fixed a potential denial of service in the emulated SCSI device bsc1192525. Non-security fixes: - Fixed a kernel data corruption via a long kernel...

6.5CVSS6.6AI score0.00475EPSS
Exploits1References8
Malwarebytes
Malwarebytes
added 2021/05/14 7:38 a.m.160 views

What is a honeypot? How they are used in cybersecurity

Cybersecurity experts strive to enhance the security and privacy of computer systems. Quietly observing threat actors in action can help them understand what they have to defend against. A honeypot is one such tool that enables security professionals to catch bad actors in the act and gather data...

0.3AI score
Exploits0
OSV
OSV
added 2021/03/18 8:15 p.m.2 views

UBUNTU-CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

6CVSS6.8AI score0.00455EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2020/12/30 12:0 a.m.5 views

The vulnerability of the KVM GET_EMULATED_CPUID request in Linux kernel, related to the operation exceeding the data buffer’s permissible limits, allows an attacker to compromise data integrity and cause service failures. [source-iocs-preserved const=KVM_GET_EMULATED_CPUID]

The vulnerability of the KVM GETEMULATEDCPUID function in Linux operating systems is related to the operation exceeding the permissible data buffer limits. Exploiting this vulnerability can allow an attacker to compromise data integrity and cause service failures. source-iocs-preserved...

6.1CVSS7AI score0.00679EPSS
Exploits1References45Affected Software6
RedHat Linux
RedHat Linux
added 2020/12/15 9:0 a.m.3 views

kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c

An out of bounds OOB memory access flaw was found in i2csmbusxferemulated in drivers/i2c/i2c-core-smbus.c in I2C subsystem. A read request for length data-block0 greater than 'I2CSMBUSBLOCKMAX + 1' may cause underlying I2C driver write out of array's boundary. This could allow a local attacker wi...

6.7CVSS7.1AI score0.00417EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.2 views

Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid

An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulti...

6.1CVSS6.8AI score0.00679EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2020/07/28 12:0 a.m.36 views

Cisco IOx Application Environment for IOS Software for Cisco Industrial Routers Multiple Vulnerabilities (cisco-sa-ios-iot-gos-vuln-s9qS8kYL)

According to its self-reported version, Cisco IOS Software is affected by multiple vulnerabilities in the IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000. Attackers can exploit these in...

8.8CVSS8.4AI score0.00703EPSS
Exploits0References5
Information Security Automation
Information Security Automation
added 2020/05/05 11:52 p.m.44 views

Anti-Phishing process with advanced phishing attacks simulation

This time I want to write about the service of my friends from Antiphish. They call it “security awareness and employee behaviour management platform”. Simply put, they teach company employees how to detect and avoid phishing attacks. By the way, they are great guys, made a demo for me, prepared...

Exploits0
OSV
OSV
added 2020/04/14 7:15 p.m.4 views

CVE-2019-14326

An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it starts telnet and ssh ports 22 and 23 with root privileges in the emulated Android system. This can be exploited by remote attackers to gain full access to the device, or by malicious apps installed inside the emulato...

7.8CVSS5.8AI score0.01285EPSS
Exploits1References2
Rows per page
Query Builder