825 matches found
CVE-2011-2496
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping...
kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping...
Linux Kernel 3.0.0 - perf_count_sw_cpu_clock event Denial of Service
Linux Kernel 3.0.0 - perf_count_sw_cpu_clock event Denial of Service //Vince /* Error with overflows and perf::perf_count_sw_cpu_clock */ /* This test will crash Linux 3.0.0 */ /* compile with gcc -O2 -o oflo_sw_cpu_clock_crash oflo_sw_cpu_clock_crash.c */ /* by Vince Weaver */ #define _GNU_SOURCE 1 #include #include #include...
kernel: install_special_mapping skips security_file_mmap check
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-languag...
Mozilla Foundation Security Advisory 2011-04
Mozilla Foundation Security Advisory 2011-04 Title: Buffer overflow in JavaScript upvarMap Impact: Critical Announced: March 1, 2011 Reporter: Christian Holler Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.14 Firefox 3.5.17 SeaMonkey 2.0.12 Description Security researcher Christian Holler...
Buffer overflow in JavaScript upvarMap — Mozilla
Security researcher Christian Holler reported that the JavaScript engine's internal memory mapping of non-local JS variables contained a buffer overflow which could potentially be used by an attacker to run arbitrary code on a victim's computer...
Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - 'CAN BCM' Local Privilege Escalation
/* i-CAN-haz-MODHARDEN.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area Network (CAN) subsystem when setting up frame content and filtering certain messages. An attacker...
libspice: Insufficient guest provided memory mappings boundaries validations
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings...
kvm: emulator privilege escalation segment selector check
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging...
kernel: SELinux and mmap_min_addr
The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_l...
PT-2009-6112 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31.6 Description: The issue allows local users to cause a denial of service (OOPS) via an application that attempts to allocate a large amount of memory. This is due to a problem in the do_mmap_pgoff function ...
kernel: uninit op in SOCKOPS_WRAP() leads to privesc
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...
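FreeBSD Direct Pipe Write Local Information Disclosure Vulnerability
BUGTRAQ ID: 35279 FreeBSD is a freely available, open-source Unix-like system that runs on Intel platforms. One of the most common inter-process communication mechanisms on FreeBSD and other UNIX-like systems is the anonymous pipe. This mechanism creates a pair of file descriptors; data written to one descriptor can be read from the other. FreeBSD's pipe implementation includes an optimization called "direct write". With this optimization, the FreeBSD kernel uses virtual memory mappings to allow data to be copied directly between processes, rather than, when calling...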
CentOS 4 : kernel (CESA-2007:0014)
Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...
RedHat Update for kernel RHSA-2007:1049-01
Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2007:1049-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
kernel: open() call allows setgid bit when user is not in new file's group
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...
qemu/xen/kvm: ioemu: Fix PVFB backend to limit frame buffer size
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory...