Lucene search
+L

147 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 2:12 p.m.19 views

Security Bulletin: Incorrect file permissions allows authenticated users to recover IPMI user passwords

Summary A flaw in the file permissions may expose IPMI user passwords. This may lead to privilege escalations. Vulnerability Details CVEID: CVE-2020-14156 DESCRIPTION: OpenBMC phosphor-host-ipmid could allow a remote authenticated attacker to bypass security restrictions, caused by the failure to...

8.8CVSS8.1AI score0.01809EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/09/07 12:0 a.m.66 views

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2336)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege...

8.1CVSS6.9AI score0.06563EPSS
Exploits5References11
OpenVAS
OpenVAS
added 2021/09/04 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.06563EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/08/09 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2246)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.03259EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.57 views

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1977-1)

"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1977-1 advisory. - An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in aaauditruleinit in...

9.8CVSS7.2AI score0.27477EPSS
Exploits21References344
Cvelist
Cvelist
added 2021/07/13 4:10 p.m.20 views

CVE-2021-20423

IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308...

8.8CVSS8.3AI score0.01065EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/21 12:0 a.m.48 views

SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2021:1975-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1975-1 advisory. The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

9.8CVSS7.7AI score0.27477EPSS
Exploits21References407
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.70 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4982-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4982-1 advisory. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could u...

7.8CVSS7.4AI score0.03259EPSS
Exploits3References14
Tenable Nessus
Tenable Nessus
added 2021/06/02 12:0 a.m.63 views

Ubuntu 21.04 : Linux kernel vulnerabilities (USN-4977-1)

The remote Ubuntu 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4977-1 advisory. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause...

7.8CVSS7.2AI score0.03259EPSS
Exploits3References7
Prion
Prion
added 2021/05/26 11:15 a.m.23 views

Design/Logic Flaw

A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...

7.2CVSS7.4AI score0.00613EPSS
Exploits1References9Affected Software3
Debian CVE
Debian CVE
added 2021/05/26 10:44 a.m.44 views

CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...

7.8CVSS6.7AI score0.00511EPSS
Exploits1
Cvelist
Cvelist
added 2021/05/26 10:44 a.m.21 views

CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...

7.8AI score0.00511EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2021/05/26 10:28 a.m.46 views

CVE-2020-25670

A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...

7.8CVSS6.8AI score0.00613EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/05/12 12:0 a.m.104 views

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4948-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4948-1 advisory. Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a rin...

8.8CVSS7.8AI score0.27477EPSS
Exploits11References22
0day.today
0day.today
added 2021/04/08 12:0 a.m.54 views

Check Point Identity Agent Arbitrary File Write Vulnerability

Check Point Identity Agent Arbitrary File Write Vulnerability Description =========== The Check Point Identity Agent allows low privileged users to write files to protected locations of the file system. Details ======= Advisory ID: usd-2021-0005 Product: Check Point Identity Agent Affected Versio...

7.4AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2021/04/01 12:0 a.m.284 views

Who Contains the Containers?

Posted by James Forshaw, Project Zero This is a short blog post about a research project I conducted on Windows Server Containers that resulted in four privilege escalations which Microsoft fixed in March 2021. In the post, I describe what led to this research, my research process, and insights...

8.8CVSS8.8AI score0.01462EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2020/11/02 12:0 a.m.54 views

CVE-2020-25670

A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations...

7.8CVSS6.7AI score0.00613EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2020/11/02 12:0 a.m.60 views

CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations...

7.8CVSS6.7AI score0.00511EPSS
Exploits1References8
Metasploit
Metasploit
added 2020/09/30 5:41 p.m.201 views

Cisco AnyConnect Privilege Escalations (CVE-2020-3153 and CVE-2020-3433)

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility...

7.8CVSS6.9AI score0.28307EPSS
Exploits16
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.57 views

Citrix SD-WAN WANOP 10.2.x Multiple Vulnerabilities (CTX276688)

The remote Citrix SD-WAN WANOP device is version 10.2.x prior to 10.2.7, 11.0.x prior to 11.0.3d, 11.1.x prior to 11.1.1a. It is, therefore, affected by multiple vulnerabilities: - An authorization bypass vulnerability exists in Citrix SD-WAN WANOP devices. An unauthenticated, remote attacker wit...

6.5CVSS7AI score0.88411EPSS
Exploits6References7
Rows per page
Query Builder