Lucene search
K

16996 matches found

Prion
Prion
added 2019/07/15 4:15 a.m.12 views

Design/Logic Flaw

DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability."...

5CVSS5.3AI score0.02286EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2019/07/15 4:15 a.m.47 views

CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

9.8CVSS7.3AI score0.03249EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/07/15 4:15 a.m.27 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3CVSS6.4AI score0.0322EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/07/15 4:15 a.m.19 views

CVE-2019-1010025

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...

5.3CVSS6.4AI score0.02286EPSS
Exploits1References1
Prion
Prion
added 2019/07/15 4:15 a.m.23 views

Code injection

DISPUTED GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE...

6.8CVSS8.6AI score0.03069EPSS
Exploits1References5
Prion
Prion
added 2019/07/15 4:15 a.m.18 views

Design/Logic Flaw

DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."...

5CVSS5.3AI score0.0322EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2019/07/15 4:15 a.m.27 views

CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...

8.8CVSS7.2AI score0.03069EPSS
Exploits1References1
OSV
OSV
added 2019/07/15 4:15 a.m.1 views

UBUNTU-CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3CVSS7.3AI score0.0322EPSS
Exploits1References2
Prion
Prion
added 2019/07/15 4:15 a.m.16 views

Stack overflow

DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indica...

7.5CVSS9.6AI score0.03249EPSS
Exploits1References4
CVE
CVE
added 2019/07/15 3:11 a.m.210 views

CVE-2019-1010025

CVE-2019-1010025 affects the GNU C Library (glibc) Current, describing a mitigation bypass in which an attacker may guess heap addresses of pthread_created threads. The vendor notes that ASLR bypass itself is not a vulnerability. The entry indicates a MEDIUM base impact (CVSS v3.0: 5.3) with no c...

5.3CVSS5.5AI score0.02286EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/07/15 3:11 a.m.17 views

CVE-2019-1010025

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...

5.2AI score0.02286EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2019/07/15 3:11 a.m.20 views

CVE-2019-1010025

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...

5.3CVSS5.6AI score0.02286EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2019/07/15 3:9 a.m.15 views

CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...

6.8AI score0.03069EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/07/15 3:9 a.m.26 views

CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...

8AI score0.03069EPSS
Exploits1References5
CVE
CVE
added 2019/07/15 3:9 a.m.234 views

CVE-2019-1010023

CVE-2019-1010023 is reflected in OSV entries for Root OS Debian 12/13, where the rootio-glibc package is patched. The Debian-backed records indicate multiple fixed versions are available; the initial description notes a threat involving re-mapping a loaded ELF via two files and ldd, but upstream ...

8.8CVSS7.8AI score0.03069EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2019/07/15 3:9 a.m.23 views

CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...

8.8CVSS7AI score0.03069EPSS
Exploits1
Cvelist
Cvelist
added 2019/07/15 3:6 a.m.16 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.2AI score0.0322EPSS
Exploits1References6
CVE
CVE
added 2019/07/15 3:6 a.m.209 views

CVE-2019-1010024

CVE-2019-1010024 affects GNU Libc (glibc). The description in the initial document states a mitigation bypass with the impact that an attacker may bypass ASLR by leveraging the cache of thread stack and heap. Upstream and some vendor notes indicate this is treated as a non-security bug and not a ...

5.3CVSS5.5AI score0.0322EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2019/07/15 3:6 a.m.19 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3CVSS5.7AI score0.0322EPSS
Exploits1
Cvelist
Cvelist
added 2019/07/15 3:0 a.m.34 views

CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

9.7AI score0.03249EPSS
Exploits1References4
Rows per page
Query Builder