9185 matches found
Denial Of Service (DoS)
The kernel packages is vulnerable to Denial of Service DoS. It is due to instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was found in the Fast Userspace Mutexes futexes implementation. The unlock code path did not check if the futex value associated with pistate-owner had been modified. A local user could use...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw in the NFSv4 implementation. Several NFSv4 file locking functions failed to check whether a file had been opened on the server before performing locking operations on it...
Denial Of Service (DoS)
The kernel vulnerable to denial of service DoS. The Parallels Virtuozzo Containers team reported the RHSA-2009:1243 update introduced two flaws in the routing implementation. If an attacker was able to cause a large enough number of collisions in the routing hash table via specially-crafted packe...
Access Restrictions Bypass
JRE proxy is vulnerable to access restrictions bypass. An additional flaw was found in the proxy mechanism implementation. This flaw allowed an untrusted applet or application to bypass access restrictions and communicate using non-authorized socket or URL connections to hosts other than the orig...
Denial Of Service (DoS)
kernel isvulnerable to denial of service DoS. The vulnerability exists as several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. By default, the /dev/sg devices are accessible only to the root user...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the addtopagecachelru function...
Privilege Escalation
mutt is vulnerable to privilege escalation. The vulnerability exists as a flaw was found in the way Mutt used temporary files on NFS file systems. Due to an implementation issue in the NFS protocol, Mutt was not able to exclusively open a new file. A local attacker could conduct a time-dependent...
CVE-2020-6440
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...
CVE-2020-6447
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...
CVE-2019-14378
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...
CVE-2018-21058
An issue was discovered on Samsung mobile devices with N7.0, O8.0 exynos7420 or Exynos 8890/8996 chipsets software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension CE is not used. The Samsung ID is SVE-2018-12761 September...
CVE-2019-11840
An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...
CVE-2016-5386
An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's net/http package,...
RHEL 6 : chromium-browser (RHSA-2020:1350)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1350 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 80.0.3987.162. Security Fixes:...
KLA11727 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A implementation vulnerability in...
[SECURITY] Fedora 32 Update: xmlrpc-3.1.3-24.fc32
Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls...
CVE-2018-6551
The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller than requested, eventually...