CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2020/10/07 7:32 p.m.•1 views

USN-4574-1 golang-github-seccomp-libseccomp-golang vulnerability

It was discovered that libseccomp-golang did not properly generate BPFs. If a process were running under a restrictive seccomp filter that specified multiple syscall arguments, the application could potentially bypass the intended restrictions put in place by seccomp...

7.5CVSS7.2AI score0.00438EPSS

Ubuntu•added 2020/10/07 7:32 p.m.•81 views

USN-4574-1: libseccomp-golang vulnerability

7.5CVSS7AI score0.00438EPSS

Exploits0

OpenVAS•added 2020/08/17 12:0 a.m.•15 views

Debian: Security Advisory (DLA-2320-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.00438EPSS

Tenable Nessus•added 2020/08/12 12:0 a.m.•36 views

Debian DLA-2320-1 : golang-github-seccomp-libseccomp-golang security update

A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument. Additionally, runc has been rebuilt with the fixed package. For Debian 9 stretch, this problem has been fixed in versi...

7.5CVSS7AI score0.00438EPSS

OSV•added 2020/08/10 12:0 a.m.•41 views

DLA-2320-1 golang-github-seccomp-libseccomp-golang - security update

Bulletin has no description...

7.5CVSS6.8AI score0.00438EPSS

Exploits0

RedHat Linux•added 2020/06/18 9:12 p.m.•3 views

libseccomp-golang: mishandling of multiple argument rules leading to a bypass of intended access restrictions

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

7.5CVSS7.3AI score0.00438EPSS

RedHat Linux•added 2020/06/18 9:12 p.m.•74 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11 atomic-openshift security update

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS6.6AI score0.08633EPSS

BDU FSTEC•added 2020/04/17 12:0 a.m.•2 views

The vulnerability of the libseccomp library lies in its lack of access control for certain functions. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the libseccomp library is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...

9.8CVSS0.00683EPSS

Exploits0References17Affected Software7

RedhatCVE•added 2020/03/31 8:17 a.m.•31 views

CVE-2017-18367

7.5CVSS2.4AI score0.00438EPSS

Exploits0References3

OpenVAS•added 2020/03/23 12:0 a.m.•64 views

Huawei EulerOS: Security Advisory for libcomps (EulerOS-SA-2020-1293)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.00683EPSS

Exploits1References2

Tenable Nessus•added 2020/03/23 12:0 a.m.•63 views

EulerOS 2.0 SP8 : libcomps (EulerOS-SA-2020-1293)

According to the versions of the libcomps packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make...

9.8CVSS6.9AI score0.00683EPSS

Exploits1References3

OSV•added 2020/03/10 7:4 p.m.•3 views

MGASA-2020-0136 Updated libseccomp packages fix security vulnerability

Updated libseccomp packages fix security vulnerability: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system call...

9.8CVSS9.5AI score0.00683EPSS

Exploits0References3

Mageia•added 2020/03/10 7:4 p.m.•28 views

Updated libseccomp packages fix security vulnerability

9.8CVSS2.5AI score0.00683EPSS

OpenVAS•added 2020/01/23 12:0 a.m.•22 views

Huawei EulerOS: Security Advisory for libseccomp (EulerOS-SA-2019-2025)

OpenVAS•added 2020/01/23 12:0 a.m.•23 views

Huawei EulerOS: Security Advisory for libseccomp (EulerOS-SA-2019-1794)

OpenVAS•added 2020/01/23 12:0 a.m.•28 views

Huawei EulerOS: Security Advisory for libseccomp (EulerOS-SA-2019-1956)

OpenVAS•added 2020/01/23 12:0 a.m.•17 views

Huawei EulerOS: Security Advisory for libseccomp (EulerOS-SA-2019-1856)

OpenVAS•added 2020/01/09 12:0 a.m.•21 views

openSUSE: Security Advisory for libseccomp (openSUSE-SU-2019:2283-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.4AI score0.00683EPSS