Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1263 matches found

OSV
OSVadded 2020/12/03 5:15 p.m.1 views

DEBIAN-CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8CVSS7.7AI score0.00416EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2020/12/03 5:15 p.m.32 views

CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8CVSS7.1AI score0.00416EPSS
Exploits0References2
Prion
Prionadded 2020/12/03 5:15 p.m.29 views

Design/Logic Flaw

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

7.2CVSS8.1AI score0.00416EPSS
Exploits0References3Affected Software2
CVE
CVEadded 2020/12/03 12:0 a.m.313 views

CVE-2020-14339

CVE-2020-14339 describes a flaw in libvirt where a file descriptor for /dev/mapper/control is leaked into the QEMU process. This enables privileged operations against the host device-mapper, allowing a malicious guest user or process to perform actions outside normal permissions and potentially d...

8.8CVSS8.1AI score0.00416EPSS
Exploits0References3Affected Software2
Debian CVE
Debian CVEadded 2020/12/03 12:0 a.m.32 views

CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8CVSS8.3AI score0.00416EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2020/11/04 1:30 a.m.6 views

libvirt: leak of /dev/mapper/control into QEMU guests

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8CVSS7.3AI score0.00416EPSS
Exploits0References4
Rockylinux
Rockylinuxadded 2020/11/03 12:19 p.m.11 views

device-mapper-persistent-data bug fix and enhancement update

An update is available for device-mapper-persistent-data. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, se...

2.1AI score
Exploits0
OSV
OSVadded 2020/10/30 5:23 p.m.6 views

OPENSUSE-SU-2020:1778-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add dom...

9.3CVSS7.7AI score0.00522EPSS
Exploits0References9
RedHat Linux
RedHat Linuxadded 2020/09/17 1:7 p.m.2 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/01 9:42 a.m.1 views

libvirt: leak of /dev/mapper/control into QEMU guests

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

8.8CVSS7.3AI score0.00416EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/08/31 3:40 p.m.1 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
Veracode
Veracodeadded 2020/08/18 8:23 a.m.48 views

Information Disclosure

libvirt is vulnerable to information disclosure. A file descriptor for /dev/mapper/control is leaked into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host...

8.8CVSS2.1AI score0.00416EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linuxadded 2020/07/28 3:54 p.m.3 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/07/28 3:54 p.m.114 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.59547EPSS
Exploits16References50
RedhatCVE
RedhatCVEadded 2020/07/23 6:37 p.m.41 views

CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

7.2CVSS1.7AI score0.00416EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletinsadded 2020/07/02 7:10 p.m.40 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. By sending a...

9.8CVSS1AI score0.88077EPSS
Exploits12Affected Software1
RedHat Linux
RedHat Linuxadded 2020/06/11 9:11 a.m.6 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/06/11 9:3 a.m.3 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/06/11 7:9 a.m.0 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/06/10 7:23 p.m.1 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
Rows per page
Query Builder