Lucene search
+L

1194 matches found

ubuntu
ubuntu
added 2020/04/07 11:25 p.m.132 views

USN-4325-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

7.1CVSS6.8AI score0.02745EPSS
Exploits0
ubuntu
ubuntu
added 2020/04/07 9:0 p.m.118 views

USN-4324-1: Linux kernel vulnerabilities

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2020-8428 Shijie Luo discovered that the ext4 file system...

7.1CVSS6.7AI score0.00655EPSS
Exploits0
hackerone
hackerone
added 2020/03/29 12:30 p.m.21 views

Kubernetes: DoS for GCSArtifact.RealAll

Hi, I'm not be goot at english, if have anything don’t understand, please contact me. Thanks! Summary: attackers can control artifactName list make google storage client download large object cause denial of service. Component Version:...

7.3AI score
Exploits0
osv
osv
added 2020/03/13 7:15 p.m.3 views

CVE-2019-13171

Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...

9.8CVSS8AI score0.02813EPSS
Exploits0References2
nvd
nvd
added 2020/03/13 7:15 p.m.15 views

CVE-2019-13171

Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...

10CVSS9.8AI score0.02813EPSS
Exploits0References2
attackerkb
attackerkb
added 2020/03/13 7:15 p.m.1 views

CVE-2019-13171

Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...

10CVSS6.6AI score0.02813EPSS
Exploits0References5
prion
prion
added 2020/03/13 7:15 p.m.10 views

Stack overflow

Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...

10CVSS9.7AI score0.02813EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/03/13 6:17 p.m.90 views

CVE-2019-13171

CVE-2019-13171 affects some Xerox printers (e.g., Phaser 3320) due to stack-based buffer overflows in the Google Cloud Print implementation. The root cause is insecure handling of the register parameters and an unchecked memcpy() size, which can allow an unauthenticated attacker to execute arbitr...

10CVSS9.7AI score0.02813EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/03/13 6:17 p.m.14 views

CVE-2019-13171

Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...

9.8AI score0.02813EPSS
Exploits0References2
threatpost
threatpost
added 2020/03/12 2:20 p.m.108 views

$100K Paid Out for Google Cloud Shell Root Compromise

Google has awarded its inaugural annual top prize for the Google Cloud Platform GCP, for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...

0.5AI score
Exploits0References10
threatpost
threatpost
added 2020/03/12 2:20 p.m.18 views

$100K Paid Out for Google Cloud Shell Root Compromise

Google has awarded its inaugural annual top prize for the Google Cloud Platform GCP, for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...

0.5AI score
Exploits0References10
cnvd
cnvd
added 2020/03/09 12:0 a.m.7 views

Citrix Gateway Cache Overflow Vulnerability

Citrix Gateway is a customer-managed solution that can be deployed locally or on any public cloud, such as AWS, Azure or Google Cloud Platform. Citrix Gateway has a security vulnerability. An attacker can exploit the vulnerability to cache poisoning...

5.8CVSS6.9AI score0.01433EPSS
Exploits3References1
thn
thn
added 2020/03/05 2:0 p.m.5 views

A Massive U.S. Property and Demographic Database Exposes 200 Million Records

More than 200 million records containing a wide range of property-related information on US residents were left exposed on a database that was accessible on the web without requiring any password or authentication. The exposed data — a mix of personal and demographic details — included the name,...

5.9AI score
Exploits0
ubuntu
ubuntu
added 2020/02/18 8:25 p.m.95 views

USN-4287-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the Atheros 802.11ac wireless USB device driver in the...

7.8CVSS6.9AI score0.10114EPSS
Exploits8
osv
osv
added 2019/11/25 4:15 p.m.1 views

ALPINE-CVE-2019-10217

A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...

6.5CVSS6.5AI score0.01853EPSS
Exploits1References1
osv
osv
added 2019/11/25 4:15 p.m.1 views

DEBIAN-CVE-2019-10217

A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...

6.5CVSS6.9AI score0.01853EPSS
Exploits1References1
osv
osv
added 2019/11/25 4:15 p.m.1 views

UBUNTU-CVE-2019-10217

A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...

6.5CVSS6.8AI score0.01853EPSS
Exploits1References4
pypa
pypa
added 2019/11/25 4:15 p.m.7 views

PYSEC-2019-3

A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...

6.5CVSS6.5AI score0.01853EPSS
Exploits1References6Affected Software1
kitploit
kitploit
added 2019/09/21 9:50 p.m.411 views

ScoutSuite - Multi-Cloud Security Auditing Tool

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of...

6.6AI score
Exploits0References7
ubuntu
ubuntu
added 2019/09/11 5:29 a.m.231 views

USN-4115-2: Linux kernel regression

USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for...

7.7AI score
Exploits0References1
Rows per page
Query Builder