Lucene search
K

107 matches found

Tenable Nessus
Tenable Nessus
added 2021/12/01 12:0 a.m.41 views

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5161-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5161-1 advisory. Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some...

7.8CVSS7.4AI score0.00533EPSS
Exploits1References5
OSV
OSV
added 2021/11/30 9:34 p.m.4 views

USN-5161-1 linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS6.8AI score0.00533EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.42 views

SUSE SLED15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2021:3675-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3675-1 advisory. - CVE-2021-3542: Fixed heap buffer overflow in firedtv driver bsc1186063. - CVE-2021-3655: Fixed a missing size validations on inbound...

8.8CVSS7.1AI score0.01476EPSS
Exploits7References98
Tenable Nessus
Tenable Nessus
added 2021/11/09 12:0 a.m.52 views

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5136-1 advisory. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use...

7.8CVSS7.1AI score0.02014EPSS
Exploits3References10
Microsoft CVE
Microsoft CVE
added 2021/10/19 7:0 a.m.5 views

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes.

...

7.8CVSS7AI score0.00358EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2021/10/12 6:49 a.m.49 views

CVE-2021-42252

A vulnerability was found in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in Aspeed Low Pin Count LPC Bus Controller in the Linux kernel. A miss in the sanity check may allow a malicious local normal privileged user to bypass the boundary check, and map pages that are located outside...

7.8CVSS1.6AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2021/10/11 7:15 p.m.4 views

AZL-6599 CVE-2021-42252 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.8CVSS6.8AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2021/10/11 7:15 p.m.6 views

DEBIAN-CVE-2021-42252

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.8CVSS6.4AI score0.00358EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/10/11 7:15 p.m.59 views

CVE-2021-42252

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.8CVSS6.8AI score0.00358EPSS
Exploits0References8
OSV
OSV
added 2021/10/11 7:15 p.m.6 views

UBUNTU-CVE-2021-42252

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.8CVSS6.7AI score0.00358EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2021/10/11 6:45 p.m.48 views

CVE-2021-42252

An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becaus...

7.8CVSS6.9AI score0.00358EPSS
Exploits0
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory overwrite vulnerability exists in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in Linux kernel...

7.8CVSS6.6AI score0.00358EPSS
Exploits0References15
CVE
CVE
added 2021/09/20 3:27 p.m.43 views

CVE-2021-39547

CVE-2021-39547 affects the SELA lossless audio codec. A NULL pointer dereference in lpc::SampleGenerator::process() (sample_generator.cpp) for SELA 20200412 and earlier versions allows an attacker to cause a Denial of Service. Documents confirm the vulnerable component and root cause but do not p...

5.5CVSS5.4AI score0.00614EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/05/25 6:15 p.m.2 views

UBUNTU-CVE-2020-20445

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service...

6.5CVSS6.8AI score0.01649EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.5 views

FFmpeg数字错误漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. divi is a digital currency. A security vulnerability exists in FFmpeg version 4.2, which stems from a "divide-by-zero" issue in libavcodec/lpc.h, which allows a remote malicious...

6.5CVSS7.2AI score0.01649EPSS
Exploits1References10
Securelist
Securelist
added 2020/09/02 10:0 a.m.303 views

Operation PowerFall: CVE-2020-0986 and variants

In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the...

7.2CVSS8.7AI score0.15932EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/02/24 12:0 a.m.6 views

The vulnerability of the pnv_lpc_do_eccb function in the hardware/ppc/pnv_lpc.c file of the QEMU hardware emulation software allows a hacker to induce a system failure and gain unauthorized access to the PowerNV memory.

The vulnerability of the pnvlpcdoeccb function in the hardware/ppc/pnvlpc.c file of the QEMU hardware emulator is related to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a system failure and gain unauthorized access to the PowerNV memory...

5.5CVSS6.8AI score0.00516EPSS
Exploits0References6Affected Software4
OSV
OSV
added 2019/07/17 9:15 p.m.3 views

CVE-2019-3971

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPCDATAGRAM, which triggers an Access Violation due to hardcoded NULLs used fo...

5.5CVSS6.3AI score0.00368EPSS
Exploits1References1
NVD
NVD
added 2019/07/17 9:15 p.m.22 views

CVE-2019-3971

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPCDATAGRAM, which triggers an Access Violation due to hardcoded NULLs used fo...

5.5CVSS5.2AI score0.00368EPSS
Exploits1References1
Prion
Prion
added 2019/07/17 9:15 p.m.15 views

Hardcoded credentials

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPCDATAGRAM, which triggers an Access Violation due to hardcoded NULLs used fo...

2.1CVSS5.2AI score0.00368EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder