Lucene search
K

5125 matches found

Prion
Prion
added 2018/12/08 4:29 a.m.27 views

Design/Logic Flaw

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

6.9CVSS7.8AI score0.00409EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2018/12/08 4:29 a.m.2 views

UBUNTU-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS7.2AI score0.00409EPSS
Exploits0References4
OSV
OSV
added 2018/12/08 4:29 a.m.26 views

CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS6.9AI score
Exploits0References7
OSV
OSV
added 2018/12/08 4:29 a.m.1 views

DEBIAN-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS9.3AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2018/12/08 4:29 a.m.6 views

ALPINE-CVE-2018-19964

An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service host OS hang because the p2m lock remains unavailable indefinitely in certain error conditions...

6.5CVSS6.5AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2018/12/08 4:29 a.m.3 views

ALPINE-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS7.1AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/12/08 4:0 a.m.17 views

CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7AI score0.00409EPSS
Exploits0References7
CVE
CVE
added 2018/12/08 4:0 a.m.189 views

CVE-2018-19961

CVE-2018-19961 affects the Xen hypervisor up to 4.11.x on AMD x86, where guest OS users may gain host privileges due to TLB flushes not reliably occurring after IOMMU mapping changes. Public documents confirm Xen as the affected product and describe the root cause and potential privilege escalati...

7.8CVSS6.8AI score0.00409EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2018/12/08 4:0 a.m.30 views

CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS3.5AI score0.00409EPSS
Exploits0
n0where
n0where
added 2018/11/26 8:17 a.m.44 views

Track People on the Internet: trape

Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...

0.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2018/11/16 12:0 a.m.89 views

Linux - Broken uid/gid Mapping for Nested User Namespaces

commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switching to a different data structure if the number of mappings exceeds 5: Instead of linear search over an unsorted array of...

7CVSS7.3AI score0.07611EPSS
Exploits24
0day.today
0day.today
added 2018/11/16 12:0 a.m.410 views

Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit

Exploit for linux platform in category local exploits Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switchin...

7AI score0.07611EPSS
Exploits24
exploitpack
exploitpack
added 2018/11/16 12:0 a.m.98 views

Linux - Broken uidgid Mapping for Nested User Namespaces

Linux - Broken uidgid Mapping for Nested User Namespaces commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switching to a different data structure if the number of mappings excee...

4.4CVSS7.1AI score0.07611EPSS
Exploits24
RedHat Linux
RedHat Linux
added 2018/10/30 12:31 p.m.5 views

kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...

5.5CVSS6.7AI score0.00502EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.3 views

kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...

5.5CVSS6.7AI score0.00502EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.5 views

kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...

5.5CVSS6.7AI score0.00502EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.4 views

kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...

5.3CVSS7.2AI score0.07291EPSS
Exploits5References5
Veeam
Veeam
added 2018/10/23 6:40 p.m.86 views

Replication Error: The name '{vmname}' already exists.

Challenge Veeam Backup & Replication replication job fails with the following error message: Processing Error: The name 'replica' already exists. When the error above occurs within Veeam Backup & Replication the following correlating event can be found within the vSphere Events. Cause This error...

6.8AI score
Exploits0
n0where
n0where
added 2018/10/23 4:10 a.m.130 views

Web Testing Framework Samurai

The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/09/26 6:9 p.m.16 views

VPNFilter’s Arsenal Expands With Newly Discovered Modules

Researchers have discovered new modules in VPNFilter – the malware behind the widespread campaign in May that infected 75 router brands – revealing that its capabilities are much more widespread and sophisticated than previously thought. After reverse-engineering seven additional third-stage...

0.2AI score
Exploits0References5
Rows per page
Query Builder