9185 matches found
EulerOS 2.0 SP3 : openssh (EulerOS-SA-2020-1419)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.4.3 release and security update
Red Hat AMQ Broker 7.4.3 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
DEBIAN-CVE-2020-6447
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page...
Design/Logic Flaw
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2020-6440
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...
CVE-2020-6447
CVE-2020-6447 describes an inappropriate implementation in the developer tools of Chromium/Google Chrome prior to 81.0.4044.92, which could allow a remote attacker who convinces a user to use DevTools to potentially exploit heap corruption via a crafted HTML page. Public sources (Arch Linux secur...
CVE-2020-6442
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2020-6440
CVE-2020-6440 concerns an insecure extension handling in Chromium/Google Chrome prior to 81.0.4044.92, caused by an inappropriate implementation in extensions. An attacker could exploit this by convincing a user to install a malicious extension, potentially leading to disclosure of sensitive info...
CVE-2020-6440
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists through a signedness issue found in the Linux kernel's CIFS Common Internet File System implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial ...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists through inconsistency in the methods for allocating and freeing NFSv4 ACL data; CVE-2010-4250 fix caused a regression; a flaw in nextpidmap and inetdiagbcaudit; flaws in the CAN implementation; a race condition in the memory...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists through a heap overflow flaw in the EFI GUID Partition Table GPT implementation could allow a local attacker to cause a denial of service by mounting a disk containing specially-crafted partition tables...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service DoS. Due to flaws in the AGPGART driver implementation when handling certain IOCTL commands, it allows a local user to cause a denial of service or escalate their privileges...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service DoS. A missing validation check was found in the bcmrelease and rawrelease functions in the Linux kernel's Controller Area Network CAN implementation. This could allow a local, unprivileged user to cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the Linux kernel's Transparent Huge Pages THP implementation. A local, unprivileged user could abuse this flaw to allow the user stack when it is using huge pages to grow and cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerabel to denial of service. Missing boundary checks in the block layer implementation could allow a local, unprivileged user to cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. Missing boundary checks in the block layer implementation could allow a local, unprivileged user to cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the Generic Receive Offload GRO functionality in the Linux kernel's networking implementation. If both GRO and promiscuous mode were enabled on an interface in a virtual LAN VLAN, it could result in a denial o...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. An attacker is able to exploit the vulnerability within the OS font implementation to execute arbitrary code using malformed OpenType fonts by verifying the font file prior to use...
Information Disclosure
kernel is vulnerable to information disclosure. Information leak in the USB implementation. Certain USB errors could result in an uninitialized kernel buffer being sent to user-space. An attacker with physical access to a target system could use this flaw to cause an information leak...