Lucene search
K

5131 matches found

RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.3 views

kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...

5.5CVSS6.7AI score0.00502EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.5 views

kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...

5.5CVSS6.7AI score0.00502EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 10:4 a.m.4 views

kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service

By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program which makes a read call to the /proc//cmdline or /proc//environ files to block indefinitely...

5.3CVSS7.2AI score0.07291EPSS
Exploits5References5
Veeam
Veeam
added 2018/10/23 6:40 p.m.87 views

Replication Error: The name '{vmname}' already exists.

Challenge Veeam Backup & Replication replication job fails with the following error message: Processing Error: The name 'replica' already exists. When the error above occurs within Veeam Backup & Replication the following correlating event can be found within the vSphere Events. Cause This error...

6.8AI score
Exploits0
n0where
n0where
added 2018/10/23 4:10 a.m.130 views

Web Testing Framework Samurai

The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/09/26 6:9 p.m.16 views

VPNFilter’s Arsenal Expands With Newly Discovered Modules

Researchers have discovered new modules in VPNFilter – the malware behind the widespread campaign in May that infected 75 router brands – revealing that its capabilities are much more widespread and sophisticated than previously thought. After reverse-engineering seven additional third-stage...

0.2AI score
Exploits0References5
OSV
OSV
added 2018/09/19 12:0 a.m.3 views

UBUNTU-CVE-2018-17182

An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain thread creation, map, unmap, invalidation, and dereference operations...

7.8CVSS6.9AI score0.03206EPSS
Exploits4References8
Kitploit
Kitploit
added 2018/09/08 1:20 p.m.243 views

PEDA - Python Exploit Development Assistance For GDB

PEDA - Python Exploit Development Assistance for GDB Key Features: Enhance the display of gdb: colorize and display disassembly codes, registers, memory information during debugging. Add commands to support debugging and exploit development for a full list of commands use peda help: aslr --...

7.5AI score
Exploits0References1
n0where
n0where
added 2018/09/05 5:4 p.m.38 views

DNS Rebinding Attack Framework: Singularity

Singularity of Origin is a tool to perform DNS rebinding attacks. It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine’s IP address and to serve attack payloads to exploit vulnerable software on the target machine. It also ships with...

Exploits0References4
CNVD
CNVD
added 2018/08/27 12:0 a.m.3 views

D-Link DIR-615 Cross-Site Scripting Vulnerability (CNVD-2018-16522)

D-Link DIR-615 is a small wireless router product from AUO D-Link. A cross-site scripting vulnerability exists in the D-Link DIR-615 version 20.07. A remote attacker can exploit this vulnerability by leveraging the 'description' field in the AddPortMapping UPnP SOAP request to inject JavaScript...

6.1CVSS6.2AI score0.01176EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/21 12:0 a.m.5 views

Linux kernel denial of service vulnerability (CNVD-2018-24546)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'xenvifsethashmapping' function in the drivers/net/xen-netback/hash.c file in Linux kernel 4.18.1 and earlier, which stems from...

7.8CVSS6.5AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/08/20 11:19 a.m.22 views

CVE-2018-15471

A flaw in the netback module allowed frontends to control mapping of requests to request queues. An attacker can change this mapping by requesting invalid mapping requests allowing the usually privileged backend to access out-of-bounds memory access for reading and writing...

8.2CVSS4AI score0.00352EPSS
Exploits0References2
OSV
OSV
added 2018/08/17 6:29 p.m.3 views

DEBIAN-CVE-2018-15471

An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or...

7.8CVSS7.5AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2018/08/17 12:0 a.m.3 views

UBUNTU-CVE-2018-15471

An issue was discovered in xenvifsethashmapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or...

7.8CVSS6.9AI score0.00352EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2018/08/16 12:0 a.m.7 views

PT-2018-3388 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11.x Linux kernel versions prior to 4.18.1 Description: The issue is related to the xenvif set hash mapping function in the Xen hypervisor, which is connected to an integer overflow when handling requests to the netbac...

8.4CVSS7.6AI score0.7354EPSS
Exploits65References309
exploitpack
exploitpack
added 2018/08/13 12:0 a.m.14 views

Switch Port Mapping Tool 2.81.2 - Name Field Denial of Service (PoC)

Switch Port Mapping Tool 2.81.2 - Name Field Denial of Service PoC Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-13 Vendor Homepage: https://switchportmapper.com/...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.38 views

Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)

Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-13 Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download/spm2812.zip...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/08/13 12:0 a.m.25 views

Switch Port Mapping Tool 2.81.2 Denial Of Service

Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-13 Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download/spm2812.zip...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/08/13 12:0 a.m.29 views

Switch Port Mapping Tool 2.81.2 - Name Field Denial of Service Exploit

Exploit for unix platform in category dos / poc Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Vendor Homepage: https://switchportmapper.com/ Software Link:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/08/08 12:0 a.m.255 views

openSUSE Security Update : the Linux Kernel (openSUSE-2018-826)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-5390 aka 'SegmentSmack': A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario during IP...

7.8CVSS7.6AI score0.7354EPSS
Exploits8References91
Rows per page
Query Builder