Lucene search
+L

83 matches found

Prion
Prion
added 2022/04/01 11:15 p.m.23 views

Design/Logic Flaw

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...

4.3CVSS4.1AI score0.00735EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2021/05/26 9:15 p.m.1 views

DEBIAN-CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

4.4CVSS6.3AI score0.00277EPSS
Exploits0References1
Prion
Prion
added 2021/05/26 9:15 p.m.33 views

Information disclosure

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

2.1CVSS4.8AI score0.00277EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2021/05/18 4:7 p.m.6 views

kernel: netfilter: use-after-free in the packet processing context

A use-after-free flaw was found in the packet processing context in net/netfilter/xtables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAPNETADMIN capability in an...

6.7CVSS7AI score0.00444EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.54 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9038)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9038 advisory. - netfilter: add and use nfhookslowlist Florian Westphal Orabug: 32372530 CVE-2021-20177 - target: fix XCOPY NAA identifier lookup David Disseldorp...

8.8CVSS7AI score0.06563EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.56 views

Debian DLA-2557-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial o...

8.8CVSS7.4AI score0.06563EPSS
Exploits5References14
UbuntuCve
UbuntuCve
added 2021/01/12 12:0 a.m.44 views

CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

4.4CVSS6.7AI score0.00277EPSS
Exploits0References3
OSV
OSV
added 2021/01/12 12:0 a.m.2 views

UBUNTU-CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...

4.4CVSS6.6AI score0.00277EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/19 7:55 p.m.8 views

Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update

Red Hat OpenShift Container Platform release 3.11.170 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

8.6CVSS6.7AI score0.87218EPSS
Exploits4References13
OSV
OSV
added 2019/04/02 6:30 p.m.6 views

UBUNTU-CVE-2019-9946

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

7.5CVSS6.9AI score0.03119EPSS
Exploits0References4
Prion
Prion
added 2018/04/24 1:29 a.m.19 views

Design/Logic Flaw

puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources...

6CVSS7.1AI score0.00852EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2017/04/25 8:59 p.m.3 views

CVE-2017-8217

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface...

5.3CVSS5.8AI score0.00939EPSS
Exploits2References1
OSV
OSV
added 2016/04/14 3:59 p.m.4 views

DEBIAN-CVE-2011-4600

The networkReloadIptablesRules function in network/bridgedriver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a 1 DNS or 2 DHCP query...

5.9CVSS6.6AI score0.01783EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/02/03 12:0 a.m.79 views

RHEL 7 : kernel (RHSA-2016:0103)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0103 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA Instruction Set...

10CVSS6.9AI score0.03646EPSS
Exploits17References8
Kitploit
Kitploit
added 2016/01/18 9:33 p.m.27 views

JShielder - LAMP/LEMP Secure Deployment

JSHielder is an Open Source tool developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little...

8AI score
Exploits0References4
Fedora
Fedora
added 2015/11/20 11:28 p.m.13 views

[SECURITY] Fedora 21 Update: perl-IPTables-Parse-1.5-2.fc21

The IPTables::Parse package provides an interface to parse iptables rules on Linux systems through the direct execution of iptables commands, or from parsing a file that contains an iptables policy listing. You can get the current policy applied to a table/chain, look for a specific user-defined...

2.7AI score
Exploits0
F5 Networks
F5 Networks
added 2015/09/09 12:0 a.m.75 views

SOL17242 - Linux kernel SCTP vulnerability CVE-2015-1421

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The BIG-IP/BIG-IQ/Enterprise Manager software contains vulnerable code SCTP kernel module, but the code is not enabled by...

10CVSS0.09828EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/05 11:13 a.m.5 views

kernel: iptables restriction bypass if a protocol handler kernel module not loaded

A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol SCTP case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking...

5CVSS6.7AI score0.05489EPSS
Exploits0References4
OSV
OSV
added 2015/03/02 11:59 a.m.2 views

DEBIAN-CVE-2014-8160

net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with...

5CVSS6.1AI score0.05489EPSS
Exploits0References1
OSV
OSV
added 2014/12/31 12:0 a.m.4 views

UBUNTU-CVE-2014-8160

net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with...

5CVSS6.8AI score0.05489EPSS
Exploits0References9
Rows per page
Query Builder