Lucene search
K

39 matches found

Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.6 views

PT-2024-34710 · Unknown +1 · Nvme Driver +1

Name of the Vulnerable Software and Affected Versions: NVMe driver affected versions not specified Description: The NVMe driver queue processing is vulnerable to guest-induced infinite loops. Recommendations: At the moment, there is no information about a newer version that contains a fix for thi...

6.5CVSS6.9AI score0.00378EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.3 views

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the NVMe driver function nvmeopcgetlogpage being susceptible to buffer over-reading, which allows an attacker to perform a denial-of-service DoS attack against t...

6.5CVSS6.7AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2024/10/21 12:15 p.m.2 views

UBUNTU-CVE-2024-47719

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...

7.8CVSS6.5AI score0.00229EPSS
Exploits0References21
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a conflict between the regionintersects function and the addmemorydrivermanaged function of the resource...

5.5CVSS6.7AI score0.00298EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2024/05/03 2:9 a.m.3 views

SUSE CVE-2024-26930

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha-vpmap pointer Coverity scan reported potential risk of double free of the pointer ha-vpmap. ha-vpmap was freed in qla2x00memalloc, and again freed in function qla2x00memfreeha. Assign NULL...

7.8CVSS6.4AI score0.00239EPSS
Exploits0References96
BDU FSTEC
BDU FSTEC
added 2024/03/11 12:0 a.m.8 views

The vulnerability of the dlpar_memory_remove_by_index() function in the Linux operating system’s PowerPC PSeries kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dlparmemoryremovebyindex function in the Linux operating system’s PowerPC PSeries kernel memory driver relates to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References25Affected Software5
NVD
NVD
added 2021/09/27 12:15 p.m.18 views

CVE-2021-0421

In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381235...

5.5CVSS0.00112EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.3 views

Mediatek 芯片 缓冲区错误漏洞

Mediatek chips are smartphone chipsets from China's MediaTek Mediatek. A security vulnerability exists in Mediatek chips, which stems from a lack of boundary checking in the memory management driver, which could result in a local elevation of privilege that requires system execution privileges. T...

5.5CVSS5.9AI score0.00106EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.5 views

Mediatek 芯片 安全漏洞

Mediatek chips are smartphone chipsets from China's MediaTek Mediatek. A security vulnerability exists in the Mediatek chipset, which is caused by uninitialized data from the memory management driver, which could lead to an information disclosure that could result in a local elevation of privileg...

5.5CVSS6AI score0.00112EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2020/02/18 8:34 p.m.127 views

USN-4286-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
Veracode
Veracode
added 2019/05/02 5:41 a.m.35 views

Man-in-the-Middle (MitM)

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

7.5CVSS7AI score0.06135EPSS
Exploits0References38Affected Software1
Veracode
Veracode
added 2019/05/02 5:41 a.m.37 views

Insufficient Entropy In Key Generation Algorithm

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

7.5CVSS7AI score0.06135EPSS
Exploits0References31Affected Software1
NVD
NVD
added 2017/05/12 3:29 p.m.16 views

CVE-2016-10296

An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:...

4.7CVSS3.7AI score0.00864EPSS
Exploits0References1
NVD
NVD
added 2017/05/12 3:29 p.m.25 views

CVE-2016-10290

An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

7.6CVSS6.4AI score0.01795EPSS
Exploits0References2
CVE
CVE
added 2017/05/12 3:0 p.m.48 views

CVE-2016-10290

CVE-2016-10290 is an elevation-of-privilege issue in the Qualcomm Shared Memory Driver used on Android. The vulnerability could allow a local malicious application to execute arbitrary code in the kernel context by exploiting the shared memory driver. The entry specifies that exploitation is loca...

7.6CVSS6.6AI score0.01795EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/05/12 3:0 p.m.30 views

CVE-2016-10290

An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

6.7AI score0.01795EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.50 views

Scientific Linux Security Update : ntp on 6.x i686/x86_64 (2015:1459)

The remote Scientific Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2015:1459-1 advisory. - The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field...

7.5CVSS6.5AI score0.06135EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/28 12:0 a.m.52 views

CentOS 6 : ntp (CESA-2015:1459)

Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS6.8AI score0.06135EPSS
Exploits0References9
Cent OS
Cent OS
added 2015/07/26 2:13 p.m.85 views

ntp, ntpdate security update

CentOS Errata and Security Advisory CESA-2015:1459 Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerabili...

7.5CVSS6.9AI score0.06135EPSS
Exploits0References7
Rows per page
Query Builder