Lucene search
K

4339 matches found

Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.47 views

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2022-2194)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

8.2CVSS6.8AI score0.01366EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/07/29 12:0 a.m.4 views

PT-2022-1383 · Google +3 · Android Kernel +3

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a possible use after free due to improper locking in the binder vma close function of binder.c. This could lead to local escalation of privilege with...

8.8CVSS7.4AI score0.21314EPSS
Exploits2References72
RedHat Linux
RedHat Linux
added 2022/07/28 4:6 p.m.9 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs pthreadcreate returns a nonzero value while executing the method createworkerthreads, the held lock is not released correctly, which allows local users to trigger a denial of...

5.5CVSS7.3AI score0.00219EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/07/28 4:6 p.m.5 views

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs i.e., going to the err label while executing the method createworkerthreads, the held lock thd-ctrlmutex is not released correctly, which allows local users to trigger a denial ...

5.5CVSS7.3AI score0.00222EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/22 12:0 a.m.73 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2423-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage...

8CVSS7.8AI score0.04947EPSS
Exploits3References37
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.5 views

The vulnerability of the Red Database database management system lies in improper locking of resources, which allows attackers to trigger a service failure.

The vulnerability of the Red Database database management system is related to improper locking of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by opening a specially crafted file through various processes...

6.3CVSS5.5AI score
Exploits0References1Affected Software1
OSV
OSV
added 2022/07/18 3:15 p.m.5 views

CVE-2022-34892

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS6.2AI score0.0024EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/18 3:15 p.m.6 views

CVE-2022-34892

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS6.3AI score0.0024EPSS
Exploits0References3
OSV
OSV
added 2022/07/15 9:51 a.m.7 views

SUSE-SU-2022:2407-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information bsc1199657. -...

8CVSS7.8AI score0.04947EPSS
Exploits4References32
Tenable Nessus
Tenable Nessus
added 2022/07/15 12:0 a.m.73 views

EulerOS Virtualization 2.10.0 : libvirt (EulerOS-SA-2022-2045)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited...

6.5CVSS6.9AI score0.01366EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/07/15 12:0 a.m.57 views

EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2022-2073)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited...

6.5CVSS6.9AI score0.01366EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2022/07/13 6:31 a.m.85 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7CVSS7.5AI score0.0031EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2022/07/13 12:0 a.m.77 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

7CVSS0.1AI score0.0031EPSS
Exploits0References4
OSV
OSV
added 2022/07/06 2:15 p.m.4 views

CVE-2022-21775

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032...

6.7CVSS5.9AI score0.00086EPSS
Exploits0References1
NVD
NVD
added 2022/07/06 2:15 p.m.20 views

CVE-2022-21775

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032...

6.7CVSS0.00086EPSS
Exploits0References1
Prion
Prion
added 2022/07/06 2:15 p.m.16 views

Design/Logic Flaw

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032...

4.6CVSS6.8AI score0.00086EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/06 1:7 p.m.19 views

CVE-2022-21775

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032...

7AI score0.00086EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.7 views

MediaTek 资源管理错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in MediaTek's sched driver, which originates from improper locking, leading to reuse after release. An attacker could exploit this vulnerability to escalate privileges...

6.7CVSS6.7AI score0.00086EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/07/05 12:0 a.m.47 views

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series Improper Resource Locking (CVE-2022-24946)

Improper Resource Locking vulnerability in Mitsubishi Electric MELSEC-Q Series Q03UDECPU all versions, Mitsubishi Electric MELSEC-Q Series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU the first 5 digits of serial number 24051 and prior,...

7.8CVSS7.3AI score0.01556EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/07/02 12:0 a.m.6 views

Eth sent to Timelock will be locked in current implementation

Lines of code Vulnerability details Impact Eth sent to Timelock will be locked in current implementation. I came across this problem while playing around with the governance contract. Proof of Concept Setup the governance contracts GovernorBravoDelegate, Timelock Send eth to timelock contract Set...

6.9AI score
Exploits0
Rows per page
Query Builder