6347 matches found

BDU FSTEC
added 2021/07/07 12:0 a.m., 4 views

The vulnerability of the `pdprl_get_from_raw_lbl` function in the Linux-astra-modules kernel module, related to improper memory release, allows a hacker to trigger a service failure.

The vulnerability of the `pdprl_get_from_raw_lbl` function in the linux-astra-modules kernel module is related to an improper check of the raw parameter. This leads to a slab-out-of-bounds error later on. Exploiting this vulnerability allows an attacker to cause service failures...

6.2 CVSS, 5.5 AI score
Exploits: 0, References: 1

Gitee
added 2021/07/06 1:18 p.m., 6 views

Exploit for SQL Injection in Zabbix

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with exploit modules and tools for testing and demonstrating vulnerabilities. The primary vulnerability being targeted is not explicitly stated...

9.8 CVSS, 7.5 AI score, 0.83284 EPSS
Exploits: 28

OpenVAS
added 2021/07/06 12:0 a.m., 22 views

Fedora: Security Advisory for ansible (FEDORA-2021-4ad7c70d71)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1 CVSS, 6.4 AI score, 0.00854 EPSS
Exploits: 0, References: 2

Fedora
added 2021/07/02 1:21 a.m., 48 views

[SECURITY] Fedora 33 Update: ansible-2.9.23-1.fc33

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

7.1 CVSS, 3.3 AI score, 0.00854 EPSS
Exploits: 0

Fedora
added 2021/07/02 1:9 a.m., 43 views

[SECURITY] Fedora 34 Update: ansible-2.9.23-1.fc34

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

7.1 CVSS, 3.3 AI score, 0.00854 EPSS
Exploits: 0

ThreatPost
added 2021/07/01 2:11 p.m., 44 views

Babuk Ransomware Builder Mysteriously Appears in VirusTotal

The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...

7.2 AI score
Exploits: 0, References: 10

NVD
added 2021/06/30 11:15 a.m., 13 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 0.00321 EPSS
Exploits: 0, References: 2

OSV
added 2021/06/30 11:15 a.m., 1 views

DEBIAN-CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 6.7 AI score, 0.00321 EPSS
Exploits: 0, References: 1

OSV
added 2021/06/30 11:15 a.m., 3 views

ALPINE-CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 6.7 AI score, 0.00321 EPSS
Exploits: 0, References: 1

OSV
added 2021/06/30 11:15 a.m., 43 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 6.4 AI score
Exploits: 0, References: 2

ATTACKERKB
added 2021/06/30 11:15 a.m., 5 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 5.3 AI score, 0.00321 EPSS
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2021/06/30 10:32 a.m., 22 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

6.5 AI score, 0.00321 EPSS
Exploits: 0, References: 2

CVE
added 2021/06/30 10:32 a.m., 133 views

CVE-2021-28693

CVE-2021-28693 (Xen ARM): The boot modules (e.g., kernel, initramfs) loaded by the Xen bootloader are not scrubbed in Arm environments, risking leakage of sensitive data from modules when handed to domain memory. The issue originates from the boot path not scrubbed before copying to domain memory...

5.5 CVSS, 6 AI score, 0.00321 EPSS
Exploits: 0, References: 2, Affected Software: 1

Debian CVE
added 2021/06/30 10:32 a.m., 22 views

CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

5.5 CVSS, 0.8 AI score, 0.00321 EPSS
Exploits: 0

AlmaLinux
added 2021/06/29 1:42 p.m., 19 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1 AI score
Exploits: 0

GoogleProjectZero
added 2021/06/29 12:0 a.m., 124 views

An EPYC escape: Case-study of a KVM breakout

Posted by Felix Wilhelm, Project Zero Introduction KVM for Kernel-based Virtual Machine is the de-facto standard hypervisor for Linux-based cloud environments. Outside of Azure, almost all large-scale cloud and hosting providers are running on top of KVM, turning it into one of the fundamental...

7.4 CVSS, 7.3 AI score, 0.00413 EPSS
Exploits: 1

BDU FSTEC
added 2021/06/29 12:0 a.m., 5 views

The vulnerability of the update_log function (lib/Cleantalk/ApbctWP/Firewall/SFW.php) in spam protection modules, including AntiSpam and CleanTalk firewall plugins, allows attackers to execute arbitrary SQL queries.

The vulnerability of the update_log function in modules for spam protection, AntiSpam, and CleanTalk firewall plugins is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

7.8 CVSS, 7.6 AI score, 0.04691 EPSS
Exploits: 1, References: 4, Affected Software: 3

BDU FSTEC
added 2021/06/23 12:0 a.m., 4 views

The vulnerability in the array distribution of the library for working with PKCS P11-kit modules allows a hacker to cause a service failure.

The vulnerability in the array distribution of the library for working with PKCS P11-kit modules is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through using calls like realloc or calloc...

6.5 CVSS, 7 AI score, 0.0335 EPSS
Exploits: 0, References: 13, Affected Software: 8

Github Security Blog
added 2021/06/18 6:44 p.m., 79 views

Remote Code Execution via traversal in TAL expressions

Impact Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python...

8.8 CVSS, 2.4 AI score, 0.01843 EPSS
Exploits: 1, References: 8, Affected Software: 1

OSV
added 2021/06/18 6:44 p.m., 25 views

GHSA-5PR9-V234-JW36 Remote Code Execution via traversal in TAL expressions

Impact Most Python modules are not available for using in TAL expressions that you can add through-the-web, for example in Zope Page Templates. This restriction avoids file system access, for example via the 'os' module. But some of the untrusted modules are available indirectly through Python...

7.6 CVSS, 8.5 AI score, 0.01843 EPSS
Exploits: 1, References: 8