Lucene search
K

9185 matches found

Veracode
Veracode
added 2020/04/10 12:46 a.m.51 views

Denial Of Service (DoS)

The kernel packages is vulnerable to Denial of Service DoS. It is due to instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...

7.1CVSS4.1AI score0.02979EPSS
Exploits1References15Affected Software2
Veracode
Veracode
added 2020/04/10 12:45 a.m.35 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the Fast Userspace Mutexes futexes implementation. The unlock code path did not check if the futex value associated with pistate-owner had been modified. A local user could use...

2.1CVSS4.1AI score0.00387EPSS
Exploits0References25Affected Software2
Veracode
Veracode
added 2020/04/10 12:40 a.m.37 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it...

7.8CVSS2.6AI score0.12EPSS
Exploits1References32Affected Software2
Veracode
Veracode
added 2020/04/10 12:39 a.m.34 views

Denial Of Service (DoS)

The kernel vulnerable to denial of service DoS. The Parallels Virtuozzo Containers team reported the RHSA-2009:1243 update introduced two flaws in the routing implementation. If an attacker was able to cause a large enough number of collisions in the routing hash table via specially-crafted packe...

7.5CVSS1.3AI score0.11051EPSS
Exploits3References19Affected Software1
Veracode
Veracode
added 2020/04/10 12:35 a.m.29 views

Access Restrictions Bypass

JRE proxy is vulnerable to access restrictions bypass. An additional flaw was found in the proxy mechanism implementation. This flaw allowed an untrusted applet or application to bypass access restrictions and communicate using non-authorized socket or URL connections to hosts other than the orig...

7.5CVSS3.1AI score0.04838EPSS
Exploits0References39Affected Software2
Veracode
Veracode
added 2020/04/10 12:34 a.m.29 views

Denial Of Service (DoS)

kernel isvulnerable to denial of service DoS. The vulnerability exists as several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory...

7.8CVSS2.2AI score0.04268EPSS
Exploits0References44Affected Software2
Veracode
Veracode
added 2020/04/10 12:29 a.m.37 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. By default, the /dev/sg devices are accessible only to the root user...

1.9CVSS3.7AI score0.0037EPSS
Exploits0References30Affected Software2
Veracode
Veracode
added 2020/04/10 12:28 a.m.29 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the addtopagecachelru function...

5.5CVSS2.9AI score0.00616EPSS
Exploits1References18Affected Software1
Veracode
Veracode
added 2020/04/10 12:14 a.m.23 views

Privilege Escalation

mutt is vulnerable to privilege escalation. The vulnerability exists as a flaw was found in the way Mutt used temporary files on NFS file systems. Due to an implementation issue in the NFS protocol, Mutt was not able to exclusively open a new file. A local attacker could conduct a time-dependent...

1.2CVSS3.1AI score0.00342EPSS
Exploits0References15Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/09 2:7 p.m.24 views

CVE-2020-6440

Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS3.5AI score0.01153EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/04/09 2:6 p.m.25 views

CVE-2020-6447

Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.8AI score0.01833EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2020/04/09 10:13 a.m.47 views

CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

7.5CVSS2.4AI score0.02779EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/04/09 10:6 a.m.63 views

CVE-2019-14378

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

8.8CVSS5.3AI score0.16658EPSS
Exploits3References3
Cvelist
Cvelist
added 2020/04/08 5:43 p.m.24 views

CVE-2018-21058

An issue was discovered on Samsung mobile devices with N7.0, O8.0 exynos7420 or Exynos 8890/8996 chipsets software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension CE is not used. The Samsung ID is SVE-2018-12761 September...

9.5AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/04/08 5:31 a.m.33 views

CVE-2019-11840

An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...

5.9CVSS2.1AI score0.03437EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/04/07 4:54 p.m.35 views

CVE-2016-5386

An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's net/http package,...

8.1CVSS0.9AI score0.0522EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/04/07 12:0 a.m.39 views

RHEL 6 : chromium-browser (RHSA-2020:1350)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1350 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 80.0.3987.162. Security Fixes:...

8.8CVSS8.5AI score0.01814EPSS
Exploits1References9
Kaspersky
Kaspersky
added 2020/04/07 12:0 a.m.314 views

KLA11727 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A implementation vulnerability in...

9.3CVSS9AI score0.10586EPSS
Exploits9References3
Fedora
Fedora
added 2020/04/06 12:19 a.m.38 views

[SECURITY] Fedora 32 Update: xmlrpc-3.1.3-24.fc32

Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls...

9.8CVSS0.6AI score0.49285EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2020/04/02 8:33 a.m.33 views

CVE-2018-6551

The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller than requested, eventually...

9.8CVSS3AI score0.02231EPSS
Exploits0References1
Rows per page
Query Builder