Lucene search
K

5119 matches found

Cvelist
Cvelist
added 2015/10/30 10:0 a.m.24 views

CVE-2015-6352

Cisco Unified Communications Domain Manager before 10.61 provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891...

6.7AI score0.01816EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2015/10/30 9:23 a.m.23 views

CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5CVSS7.8AI score0.06412EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2015/10/15 10:59 a.m.41 views

CVE-2015-6760

The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service invalid read or write or possibly have unspecified other impact v...

7.5CVSS7.3AI score0.01396EPSS
Exploits0References4
OSV
OSV
added 2015/10/15 10:59 a.m.1 views

UBUNTU-CVE-2015-6760

The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service invalid read or write or possibly have unspecified other impact v...

7.5CVSS7.4AI score0.01396EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2015/10/15 10:0 a.m.29 views

CVE-2015-6760

Removed by vendor...

7.5CVSS9.4AI score0.01396EPSS
Exploits0
Cvelist
Cvelist
added 2015/10/15 10:0 a.m.29 views

CVE-2015-6760

The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service invalid read or write or possibly have unspecified other impact v...

9.6AI score0.01396EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2015/10/13 12:0 a.m.7 views

The vulnerability of the RPCbind server for dynamic naming services allows a attacker to cause a service failure.

The vulnerability of the xprtsetcaller function of dynamic naming server RPC ports is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to cause service failures by using specially crafted packets containing the PMAPCALLIT code...

5.3CVSS7.2AI score0.06408EPSS
Exploits0References10Affected Software4
OSV
OSV
added 2015/09/03 2:59 p.m.5 views

CVE-2015-6654

The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...

9.1AI score
Exploits0References4
Prion
Prion
added 2015/09/03 2:59 p.m.18 views

Denial of service

The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...

2.1CVSS7AI score0.00405EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/09/03 2:0 p.m.61 views

CVE-2015-6654

CVE-2015-6654 affects Xen up to and including 4.5.x/4.4.x, where xenmem_add_to_physmap_one does not cap printk messages when failing to retrieve a reference on a foreign page. This can enable DoS by remote domains with permission to map memory of another guest. Upstream mitigation was released in...

2.1CVSS8.2AI score0.00405EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2015/09/03 2:0 p.m.23 views

CVE-2015-6654

The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...

2.1CVSS8AI score0.00405EPSS
Exploits0
Metasploit
Metasploit
added 2015/08/31 5:22 p.m.31 views

UPnP IGD SOAP Port Mapping Utility

Manage port mappings on UPnP IGD-capable device using the AddPortMapping and DeletePortMapping SOAP requests This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'UPnP IGD SOAP Por...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.40 views

FreeBSD : xen-kernel and xen-tools -- Long latency MMIO mapping operations are not preemptible (d40c66cb-27e4-11e5-a4a5-002590263bf5)

The Xen Project reports : The XENDOMCTLmemorymapping hypercall allows long running operations without implementing preemption. This hypercall is used by the device model as part of the emulation associated with configuration of PCI devices passed through to HVM guests and is therefore indirectly...

4.9CVSS7.6AI score0.00453EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.45 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:0701-1)

Xen was updated 4.4.201 to address three security issues and functional bugs. The following vulnerabilities were fixed : - Long latency MMIO mapping operations are not preemptible XSA-125, CVE-2015-2752, bnc922705 - Unmediated PCI command register access in qemu XSA-126, CVE-2015-2756, bnc922706 ...

7.1CVSS7.7AI score0.02278EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.27 views

SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0745-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : CVE-2015-2756: XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through...

7.2CVSS7.1AI score0.0057EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.40 views

SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : XSA-125: Long latency MMIO mapping operations were not preemptible. CVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides...

7.8CVSS6.7AI score0.02513EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.43 views

SuSE 11.3 Security Update : Xen (SAT Patch Number 10560)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : - XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through to guests...

7.2CVSS7.2AI score0.0057EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2015/04/16 4:2 p.m.3 views

Security: Wrong security context loaded when using SAML2 STS Login Module

It was found that when processing undefined security domains, the org.jboss.security.plugins.mapping.JBossMappingManager implementation would fall back to the default security domain if it was available. A user with valid credentials in the defined default domain, with a role that is valid in the...

3.5CVSS5.7AI score0.01739EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/04/16 4:2 p.m.3 views

Security: Wrong security context loaded when using SAML2 STS Login Module

It was found that when processing undefined security domains, the org.jboss.security.plugins.mapping.JBossMappingManager implementation would fall back to the default security domain if it was available. A user with valid credentials in the defined default domain, with a role that is valid in the...

3.5CVSS5.7AI score0.01739EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/04/13 12:0 a.m.32 views

Fedora 20 : xen-4.3.4-2.fc20 (2015-5402)

Long latency MMIO mapping operations are not preemptible XSA-125, CVE-2015-2752 Unmediated PCI command register access in qemu XSA-126, CVE-2015-2756 Certain domctl operations may be abused to lock up the host XSA-127, CVE-2015-2751 update to xen-4.3.4 Note that Tenable Network Security has...

7.1CVSS7.7AI score0.02278EPSS
Exploits0References7
Rows per page
Query Builder