3832 matches found

OSV
added 2017/09/05 6:29 a.m., 6 views

CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

CVSS: 5.5, AI score: 8
Exploits: 0, References: 10

Cvelist
added 2017/09/05 6:0 a.m., 27 views

CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

AI score: 6.2, EPSS: 0.00469
Exploits: 0, References: 10

Debian CVE
added 2017/09/05 6:0 a.m., 31 views

CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00469
Exploits: 0

UbuntuCve
added 2017/09/05 12:0 a.m., 35 views

CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

CVSS: 5.5, AI score: 6.7, EPSS: 0.00469
Exploits: 0, References: 8

OSV
added 2017/09/05 12:0 a.m., 2 views

UBUNTU-CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

CVSS: 5.5, AI score: 6.7, EPSS: 0.00469
Exploits: 0, References: 9

Broadcom
added 2017/08/25 12:0 a.m., 9 views

BSA-2017-373

Security Advisory ID: BSA-2017-373. Component: NFSv4. Revision: 2.0: Interim. The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is...

CVSS: 7.8, AI score: 6.7, EPSS: 0.08665
Exploits: 0

CNVD
added 2017/08/15 12:0 a.m., 3 views

Adobe Acrobat/Reader Remote Code Execution Vulnerability (CNVD-2017-28435)

Adobe Reader is PDF document reading software. Acrobat is PDF document editing software. A remote code execution vulnerability exists in the XFA layout engine of Adobe Acrobat Reader, which can be exploited by an attacker to execute arbitrary code...

CVSS: 9.3, AI score: 9.4, EPSS: 0.08422
Exploits: 0, References: 1

CNVD
added 2017/08/15 12:0 a.m., 4 views

Adobe Acrobat/Reader Remote Code Execution Vulnerability (CNVD-2017-28434)

Adobe Reader is PDF document reading software. Acrobat is PDF document editing software. Adobe Acrobat Reader has a remote code execution vulnerability when using the XFA layout engine to generate content, which can be exploited by an attacker to execute arbitrary code...

CVSS: 9.3, AI score: 9.5, EPSS: 0.07569
Exploits: 0, References: 1

OSV
added 2017/08/11 7:29 p.m., 3 views

CVE-2017-11256

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 8.8, AI score: 6, EPSS: 0.07569
Exploits: 0, References: 3

NVD
added 2017/08/11 7:29 p.m., 21 views

CVE-2017-11256

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 9.3, AI score: 8.9, EPSS: 0.07569
Exploits: 0, References: 3

OSV
added 2017/08/11 7:29 p.m., 1 views

CVE-2017-11257

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 8.8, AI score: 6, EPSS: 0.08422
Exploits: 0, References: 3

Prion
added 2017/08/11 7:29 p.m., 13 views

Design/Logic Flaw

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 9.3, AI score: 8.8, EPSS: 0.09204
Exploits: 0, References: 4, Affected Software: 5

Prion
added 2017/08/11 7:29 p.m., 13 views

Type confusion

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 9.3, AI score: 8.7, EPSS: 0.08422
Exploits: 0, References: 3, Affected Software: 5

Prion
added 2017/08/11 7:29 p.m., 21 views

Design/Logic Flaw

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution...

CVSS: 9.3, AI score: 8.9, EPSS: 0.07569
Exploits: 0, References: 3, Affected Software: 5

Cvelist
added 2017/08/11 7:0 p.m., 24 views

CVE-2017-11224

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...

AI score: 9.4, EPSS: 0.09204
Exploits: 0, References: 3

Cvelist
added 2017/08/11 7:0 p.m., 25 views

CVE-2017-11256

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution...

AI score: 9.5, EPSS: 0.07569
Exploits: 0, References: 3

Cvelist
added 2017/08/11 7:0 p.m., 19 views

CVE-2017-11257

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...

AI score: 9.4, EPSS: 0.08422
Exploits: 0, References: 3

CVE
added 2017/08/11 7:0 p.m., 71 views

CVE-2017-11257

Technical details for CVE-2017-11257 are not publicly available in the provided documents. Monitor for updates.

CVSS: 9.3, AI score: 9.2, EPSS: 0.08422
Exploits: 0, References: 3, Affected Software: 5

RedHat Linux
added 2017/08/10 11:20 p.m., 5 views

Mozilla: Use-after-free with marquee during window resizing

A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox...

CVSS: 9.8, AI score: 7.3, EPSS: 0.02677
Exploits: 1, References: 5

CNVD
added 2017/08/10 12:0 a.m., 1 views

Sandstorm Cap'n Proto Integer Overflow Vulnerability

Cap'n Proto is an extremely fast data exchange format and capability-based RPC system. An integer overflow vulnerability in layout.c++ in Sandstorm Cap'n Proto allows remote peers to cause a denial of service or obtain sensitive information from memory via specially crafted messages...

CVSS: 9.1, AI score: 7.1, EPSS: 0.01803
Exploits: 0, References: 1