Lucene search
K

44 matches found

Debian CVE
Debian CVE
added 2017/11/14 5:0 p.m.65 views

CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...

6.5CVSS6.7AI score0.0141EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/11/14 3:0 p.m.26 views

CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...

6.5CVSS6.6AI score0.0141EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/02/08 12:0 a.m.29 views

CVE-2017-5936

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...

7.5CVSS7.1AI score0.0291EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/02/24 12:0 a.m.30 views

CVE-2016-2544

Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...

5.1CVSS6.8AI score0.00337EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2015/10/21 12:0 a.m.30 views

CVE-2015-4864

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges...

3.5CVSS6.9AI score0.02388EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/09/23 12:0 a.m.37 views

CVE-2015-7312

Multiple race conditions in the Advanced Union Filesystem aufs aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service use-after-free and BUG or possibly gain privileges via a 1 madvise or 2 msync system call, related to...

4.4CVSS6.8AI score0.00389EPSS
Exploits1References8
Exploit DB
Exploit DB
added 2015/04/17 12:0 a.m.60 views

Apport 2.14.1 (Ubuntu 14.04.2) - Local Privilege Escalation

!/bin/sh CVE-2015-1318 Reference: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1438758 Example: % uname -a Linux maggie 3.13.0-48-generic 80-Ubuntu SMP Thu Mar 12 11:16:15 UTC 2015 x8664 x8664 x8664 GNU/Linux % lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Descriptio...

7.2CVSS6.8AI score0.04187EPSS
Exploits12
UbuntuCve
UbuntuCve
added 2014/01/30 12:0 a.m.40 views

CVE-2014-0038

The compatsysrecvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIGX86X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter...

6.9CVSS6.8AI score0.34649EPSS
Exploits16References4
UbuntuCve
UbuntuCve
added 2013/12/14 12:0 a.m.37 views

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

7.2CVSS6.8AI score0.0053EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2013/01/09 12:0 a.m.27 views

CVE-2013-0771

Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafte...

9.3CVSS7.8AI score0.05334EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2012/11/09 12:0 a.m.39 views

CVE-2012-4444

The ip6fragqueue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments...

5CVSS5.9AI score0.03614EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2012/08/28 5:55 p.m.28 views

CVE-2012-2085

The execcommand function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute...

6.8CVSS6.2AI score0.03179EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2011/10/07 2:51 a.m.13 views

CVE-2011-2191

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

6.8CVSS5.9AI score0.01398EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2009/09/14 4:30 p.m.15 views

CVE-2009-2947

Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...

4.3CVSS6AI score0.019EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2009/06/11 3:30 p.m.36 views

CVE-2009-0198

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a...

9.3CVSS6.3AI score0.08835EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2009/03/09 12:0 a.m.39 views

CVE-2009-0781

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

4.3CVSS6.4AI score0.09125EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2008/09/29 7:25 p.m.24 views

CVE-2008-3827

Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...

9.3CVSS6.2AI score0.10852EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2008/04/10 7:5 p.m.58 views

CVE-2008-1722

Multiple integer overflows in 1 filter/image-png.c and 2 filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service crash and trigger memory corruption, as demonstrated via a crafted PNG image...

4.3CVSS6.8AI score0.02EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2008/03/31 5:44 p.m.27 views

CVE-2008-1558

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...

10CVSS6.2AI score0.16802EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2008/02/11 9:0 p.m.16 views

CVE-2008-0666

Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on 1 the /tmp/pe.tmp.$$ temporary file used by wmlcontrib/wmg.cgi and 2 temporary files used by wmlbackend/p3eperl/eperlsys.c...

3.6CVSS5.9AI score0.00433EPSS
Exploits1References1
Rows per page
Query Builder