Lucene search
K

19 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/06/21 12:0 a.m.24 views

Linux Kernel USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability

This vulnerability allows physically present attackers to escalate privileges on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the reset event. The issue results from the lack of proper locki...

7.1CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/06 12:0 a.m.16 views

Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7.5AI score0.00401EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/04/23 12:0 a.m.47 views

Ivanti Avalanche InstallPackageThread Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the InstallPackageThread class. The issue results from the lack of proper locking when...

8.8CVSS8.9AI score0.02373EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/04/23 12:0 a.m.19 views

Ivanti Avalanche doInTransaction Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the doInTransaction method. The issue results from the lack of proper locking when performi...

8.8CVSS8.9AI score0.02373EPSS
Exploits0References1
Prion
Prion
added 2023/07/24 4:15 p.m.26 views

Sql injection

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...

5.1CVSS7.5AI score0.02393EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/07/24 3:19 p.m.33 views

CVE-2023-32258 Session race condition remote code execution vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS8.9AI score0.02515EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/24 3:19 p.m.41 views

CVE-2023-32257 Session race condition remote code execution vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...

8.1CVSS8.7AI score0.02393EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/10 3:9 p.m.43 views

CVE-2023-32250 Session race condition remote code execution vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerabilit...

9CVSS9AI score0.02593EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/05/17 12:0 a.m.27 views

Linux Kernel ksmbd RCU Callback Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

5CVSS7.1AI score0.00157EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/17 12:0 a.m.71 views

Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2SESSIONSETUP and...

8.1CVSS7.4AI score0.02393EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/04/24 11:15 p.m.23 views

CVE-2023-2007

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the...

7.8CVSS6.8AI score0.00288EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/04/24 12:0 a.m.41 views

CVE-2023-2007

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the...

7.8CVSS8.1AI score0.00288EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/04/13 12:0 a.m.28 views

Linux Kernel DPT I2O Controller Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DPT I2O...

6.7CVSS6.9AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/03/07 12:0 a.m.22 views

Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...

7.5CVSS3.5AI score0.00405EPSS
Exploits0References1
OSV
OSV
added 2021/08/02 5:35 p.m.17 views

GHSA-9Q94-V7CH-MXQW Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...

7.5CVSS7.5AI score0.0258EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2021/04/22 12:0 a.m.23 views

Oracle VirtualBox LsiLogicSCSI Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS3.2AI score0.00687EPSS
Exploits0References1
Prion
Prion
added 2020/04/22 9:15 p.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard 1.04.358.30. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results fr...

5CVSS7.5AI score0.0258EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2020/03/13 12:0 a.m.33 views

Parallels Desktop xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...

8.2CVSS3AI score0.00371EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2018/10/30 12:0 a.m.53 views

Apple macOS mDNSOffloadUserClient Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

6.9CVSS3.6AI score0.00909EPSS
Exploits0References1
Rows per page
Query Builder