Lucene search
K

754 matches found

BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.3 views

The vulnerability of the VFIO PCI kernel driver for Linux operating systems, related to insufficient handling of exceptional conditions, allows a hacker to trigger a service failure.

The vulnerability of the VFIO PCI kernel driver in the Linux operating system is related to insufficient handling of exceptional conditions. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.3CVSS6.5AI score0.00404EPSS
Exploits0References35Affected Software5
RedHat Linux
RedHat Linux
added 2020/10/08 7:1 a.m.146 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Interconnect 1.9.0 release and security update

Red Hat AMQ Interconnect 1.9.0 release packages are available for A-MQ Interconnect on RHEL 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS7.1AI score0.99019EPSS
Exploits14References12
Microsoft CVE
Microsoft CVE
added 2020/10/08 7:0 a.m.3 views

pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.

...

3.2CVSS7AI score0.00467EPSS
Exploits0
OSV
OSV
added 2020/10/06 3:15 p.m.2 views

UBUNTU-CVE-2020-25742

pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer...

3.2CVSS6.1AI score0.00467EPSS
Exploits0References4
OSV
OSV
added 2020/09/23 9:15 p.m.1 views

DEBIAN-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

7.8CVSS6.6AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 9:15 p.m.3 views

ALPINE-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

7.8CVSS7AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 9:15 p.m.2 views

UBUNTU-CVE-2020-25595

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...

7.8CVSS6.7AI score0.00373EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.6 views

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

...

5.3CVSS7AI score0.00404EPSS
Exploits0
CNVD
CNVD
added 2020/08/18 12:0 a.m.2 views

Logic flaw vulnerability in Bee.com Internet Enterprise Router

Founded in October 2016, Chengdu ZhiBee.com Technology Limited Liability Company is an emerging high-tech company integrating research and development, production and sales. A logic flaw vulnerability exists in the BeeNet Interconnect Enterprise Router, which can be exploited by attackers to obta...

6.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/05/14 12:0 a.m.12 views

PT-2020-5392 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.13 Description: The issue is related to the VFIO PCI driver in the Linux kernel, which mishandles attempts to access disabled memory space. This can be exploited to cause a denial of service. Recommendations:...

10CVSS7.3AI score0.98745EPSS
Exploits176References2184
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.30 views

Cisco Unified Computing System Fabric Interconnect Root Privilege Escalation (cisco-sa-20190828-ucs-privescalation)

According to its self-reported version, Cisco NX-OS Software on Cisco Unified Computing System Fabric Interconnects is affected by a vulnerability in a specific CLI command within the local management local-mgmt context due to extraneous subcommand options. An authenticated, local attacker can...

7.8CVSS7.5AI score0.00352EPSS
Exploits0References4
OSV
OSV
added 2019/11/07 4:15 p.m.1 views

UBUNTU-CVE-2019-18806

A memory leak in the qlalloclargebuffers function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service memory consumption by triggering pcidmamappingerror failures, aka CID-1acb8f2a7a9f...

5.5CVSS6.7AI score0.00348EPSS
Exploits0References5
NVD
NVD
added 2019/08/30 9:15 a.m.24 views

CVE-2019-1966

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.8CVSS8.1AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2019/08/30 9:15 a.m.8 views

CVE-2019-1966

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.8CVSS7.3AI score0.00352EPSS
Exploits0References1
Prion
Prion
added 2019/08/30 9:15 a.m.22 views

Command injection

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.2CVSS8AI score0.00352EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/08/29 9:45 p.m.64 views

CVE-2019-1966

Cisco UCS Fabric Interconnect vulnerability (CVE-2019-1966) allows local privilege escalation via the local-mgmt CLI. The issue arises from extraneous subcommand options on a specific command, enabling an authenticated, local attacker with valid credentials to execute arbitrary OS commands as roo...

7.8CVSS8.1AI score0.00352EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/08/29 9:45 p.m.16 views

CVE-2019-1966 Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.8CVSS7.7AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/29 9:45 p.m.31 views

CVE-2019-1966 Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability

A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...

7.8CVSS8.1AI score0.00352EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/08/29 2:6 p.m.235 views

Critical Cisco VM Bug Allows Remote Takeover of Routers

A critical remote authentication-bypass vulnerability – with the highest possible severity level of 10 out of 10 on the CvSS scale – has been found in the Cisco REST API virtual service container for Cisco IOS XE Software. The bug CVE-2019-12643 affects the following hardware if running the REST...

10CVSS1.3AI score0.05324EPSS
Exploits0References4
CISA
CISA
added 2019/08/29 12:0 a.m.12 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...

7.3AI score
Exploits0References10
Rows per page
Query Builder