Lucene search
+L

55 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 4:13 p.m.53 views

Security Bulletin: Multiple vulnerabilities in VMware ESXi affect IBM Cloud Pak System

Summary Vulnerabilities identified in VMware ESXi bundled with Cloud Pak System. Cloud Pak Systen has addressed vulnerabilities. Vulnerability Details CVEID:CVE-2022-28693 DESCRIPTION: Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by unprotect...

6.5CVSS6.9AI score0.04831EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.2 views

SUSE CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

7.8CVSS7.2AI score0.00309EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/14 11:21 p.m.54 views

Security Bulletin: Cloud Pak for Security is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105 and CVE-2021-45046)

Summary Cloud Pak for Security CP4S is vulnerable to denial of service and arbitrary code execution CVE-2021-45105, CVE-2021-45046, through the use of Apache Log4j's JNDI logging feature in CP4S Risk Manager component and SOAR component using Elastic Search. The vulnerabilities have been addresse...

10CVSS0.1AI score0.99999EPSS
Exploits359Affected Software1
Cvelist
Cvelist
added 2020/06/22 1:45 p.m.26 views

CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS7.7AI score0.00353EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/04/07 5:31 p.m.6 views

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.2.27 extras update

Red Hat OpenShift Container Platform release 4.2.27 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

7CVSS7.1AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2019/09/10 2:20 p.m.7 views

OPENSUSE-SU-2019:2109-1 Security update for SDL_image

This update for SDLimage fixes the following issues: Update SDLImage to new snapshot 1.2.12+hg695. Security issues fixed: TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file boo1140421 TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the...

8.8CVSS8.8AI score0.04515EPSS
Exploits4References15
OSV
OSV
added 2019/09/05 8:23 a.m.8 views

OPENSUSE-SU-2019:2071-1 Security update for SDL_image

This update for SDLimage fixes the following issues: Update SDLImage to new snapshot 1.2.12+hg695. Security issues fixed: TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file boo1140421 TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the...

8.8CVSS8.8AI score0.04515EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2018/12/04 12:0 a.m.34 views

RHEL 7 : Red Hat OpenShift Enterprise (RHSA-2016:1605)

An update is now available for Red Hat OpenShift Enterprise 3.1 and Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8AI score
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.34 views

Security Bulletin: IBM Workload Deployer - Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on Linux machine

Summary Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on a Linux machine. This affects virtual machines deployed by IBM Workload Deployer using the IBM OS Image for RedHat Linux version 2.0, 2.0.0.1, 2.0.0.2, 2.0.0.3, 2.0.0.4 and...

7.5CVSS8.4AI score0.18099EPSS
Exploits4Affected Software1
OSV
OSV
added 2017/10/10 7:37 p.m.21 views

SUSE-SU-2017:2699-1 Security update for SLES 12 Docker image

The SUSE Linux Enterprise Server 12 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the...

10CVSS7.9AI score0.99999EPSS
Exploits230References143
Citrix
Citrix
added 2017/08/04 12:0 a.m.9 views

How to Update Machine Catalog to propagate changes applied to the Master Image

By following the steps provided in this article you will be able to apply changes to the Master Image and propagate those changes to the machines in the Machine Catalogs in question...

7AI score
Exploits0
OSV
OSV
added 2017/08/02 5:29 a.m.4 views

CVE-2017-12199

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogueupdateorder list-item, videoupdateorder video-item, imageupdateorder list-item, taggroupupdateorder listitem, categoryproductsupdateorder...

9.8CVSS5.9AI score0.01828EPSS
Exploits1References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.5 views

Cisco Desktop Collaboration Experience DX650 Command Injection Vulnerability

Cisco Desktop Collaboration Experience DX650 is a multifunctional endpoint from Cisco replacing Cius targeting the enterprise. The base system is Android. The Cisco Desktop Collaboration Experience DX650 suffers from a command injection vulnerability that allows an attacker to inject shell comman...

7.2CVSS8AI score0.00323EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.6 views

OpenStack Glance Denial of Service Vulnerability (CNVD-2015-01203)

Glance provides restful APIs to query the metadata of a virtual machine image, and can obtain the image. A denial of service vulnerability exists in OpenStack Glance, as the OpenStack Glance import task fails to update the image, allowing an attacker to exploit the vulnerability to crash the...

4CVSS6.8AI score0.02101EPSS
Exploits1References1
Debian
Debian
added 1999/06/08 12:20 a.m.3 views

Subject: [SECURITY] New version of kernel-image for sparc fixes DoS attack

As is widely known by now the Linux 2.2.x kernels had a problem with parsing IP options, which made them susceptible to a DoS attack. The Debian GNU/Linux 2.1 release for the Sun sparc architecture uses such a kernel. If you are using such a system and havent upgraded the kernel yourself, we...

6AI score
Exploits0
Rows per page
Query Builder