Lucene search
K

53 matches found

OSV
OSV
added 2022/07/27 8:15 p.m.4 views

DEBIAN-CVE-2022-36946

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...

7.5CVSS6.4AI score0.05542EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.18.14 and earlier, which stems from nfqnlmangle in net/netfilter/nfnetlinkqueue.c that allows a remote attacker to cau...

7.5CVSS6.7AI score0.05542EPSS
Exploits1References35
Vulnrichment
Vulnrichment
added 2022/07/27 12:0 a.m.11 views

CVE-2022-36946

nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull can encounter a negative skb-len...

7.3AI score0.05542EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.31 views

Mageia: Security Advisory (MGASA-2017-0429)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.99999EPSS
Exploits19References6
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1479)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.22475EPSS
Exploits29References4
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.49 views

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1479)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the...

10CVSS7.4AI score0.22475EPSS
Exploits29References22
RedHat Linux
RedHat Linux
added 2018/05/29 6:55 p.m.9 views

kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

10CVSS6.9AI score0.52841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/05/08 7:4 p.m.4 views

kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

10CVSS6.9AI score0.52841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/04/17 4:24 p.m.5 views

kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

10CVSS6.9AI score0.52841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/04/10 9:1 a.m.9 views

kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

10CVSS6.9AI score0.52841EPSS
Exploits0References4
n0where
n0where
added 2018/01/09 5:6 a.m.165 views

Web Reconnaissance Framework: Recon-ng

Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can...

7.7AI score
Exploits0References6
OSV
OSV
added 2018/01/03 6:29 a.m.1 views

DEBIAN-CVE-2017-18017

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

9.8CVSS6.4AI score0.52841EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/03 12:0 a.m.4 views

Linux kernel denial of service vulnerability (CNVD-2018-02230)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux...

10CVSS8.6AI score0.52841EPSS
Exploits0References1
OSV
OSV
added 2017/11/29 6:52 p.m.13 views

MGASA-2017-0429 Updated mediawiki packages fix security vulnerabilities

XSS when $wgShowExceptionDetails = false and browser sends non-standard url escaping CVE-2017-8808. Reflected File Download from api.php CVE-2017-8809. On private wikis, login form shouldn't distinguish between login failure due to bad username and bad password CVE-2017-8810. It's possible to...

9.8CVSS7.6AI score0.99999EPSS
Exploits19References3
Mageia
Mageia
added 2017/11/29 6:52 p.m.73 views

Updated mediawiki packages fix security vulnerabilities

XSS when $wgShowExceptionDetails = false and browser sends non-standard url escaping CVE-2017-8808. Reflected File Download from api.php CVE-2017-8809. On private wikis, login form shouldn't distinguish between login failure due to bad username and bad password CVE-2017-8810. It's possible to...

9.8CVSS0.8AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2017/11/20 12:0 a.m.65 views

FreeBSD : mediawiki -- multiple vulnerabilities (298829e2-ccce-11e7-92e4-000c29649f92)

mediawiki reports : security fixes : T128209: Reflected File Download from api.php. Reported by Abdullah Hussam. T165846: BotPasswords doesn't throttle login attempts. T134100: On private wikis, login form shouldn't distinguish between login failure due to bad username and bad password. T178451:...

9.8CVSS7.6AI score0.99999EPSS
Exploits19References11
Tenable Nessus
Tenable Nessus
added 2017/11/16 12:0 a.m.34 views

Debian DSA-4036-1 : mediawiki - security update

Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work : - CVE-2017-8808 Cross-site-scripting with non-standard URL escaping and $wgShowExceptionDetails disabled. - CVE-2017-8809 Reflected file download in API. - CVE-2017-8810 On private wikis...

9.8CVSS6.7AI score0.07714EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2017/11/14 12:0 a.m.22 views

Debian: Security Advisory (DSA-4036-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.07714EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.46 views

OracleVM 3.3 : glibc (OVMSA-2014-0017)

The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...

7.5CVSS7.6AI score0.18099EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 2014/04/28 4:43 p.m.6 views

Kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper

The help function in net/netfilter/nfnatirc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature...

2.6CVSS6.8AI score0.03849EPSS
Exploits1References4
Rows per page
Query Builder