23 matches found

Github Security Blog
added 2024/03/06 5:4 p.m. | 22 views

*const c_void / ExternalPointer unsoundness leading to use-after-free

Summary: Use of inherently unsafe *const c_void and ExternalPointer leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. Details: *const c_void and ExternalPointer (defined via external! macros) types are used to represent v8::External wrapping arbitrary void...

CVSS 8.8 | AI score 6.2 | EPSS 0.00293
Exploits: 1 | References: 2 | Affected Software: 1
Tenable Nessus
added 2023/09/07 12:0 a.m. | 36 views

Oracle Linux 5 : kernel (ELSA-2017-2801)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2801 advisory. - fs fix bug in loading of PIE binaries Michael Davidson orabug 26916951 CVE-2017-1000253 Tenable has extracted the preceding description block directly from th...

CVSS 7.8 | AI score 7.3 | EPSS 0.57266
Exploits: 5 | References: 2
Tenable Nessus
added 2022/05/09 12:0 a.m. | 26 views

NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2022-0075)

The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities: - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maxim...

CVSS 9.8 | AI score 7.2 | EPSS 0.05438
Exploits: 11 | References: 37
RedhatCVE
added 2021/02/01 8:11 a.m. | 38 views

CVE-2017-1000253

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

CVSS 7.8 | AI score 1.2 | EPSS 0.57266
Exploits: 5 | References: 2
Veracode
added 2019/01/15 9:18 a.m. | 31 views

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution attacks. The vulnerability exists as Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in...

CVSS 7.8 | AI score 7.8 | EPSS 0.57266
Exploits: 5 | References: 15 | Affected Software: 1
NVD
added 2017/10/05 1:29 a.m. | 24 views

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

CVSS 7.8 | AI score 7.5 | EPSS 0.57266
Exploits: 5 | References: 14
ATTACKERKB
added 2017/10/05 12:0 a.m. | 14 views

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

CVSS 7.8 | AI score 7.4 | EPSS 0.57266
In wild | Exploits: 5 | References: 14
Vulnrichment
added 2017/10/04 1:0 a.m. | 32 views

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

AI score 7.4 | EPSS 0.57266
Exploits: 5 | References: 13
Tenable Nessus
added 2017/09/27 12:0 a.m. | 35 views

RHEL 6 : kernel (RHSA-2017:2798)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2798 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw was found in the way the Linux kernel...

CVSS 7.8 | AI score 7 | EPSS 0.57266
Exploits: 5 | References: 5
RedHat Linux
added 2017/09/26 6:13 p.m. | 45 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 7.8 | AI score 6.7 | EPSS 0.57266
Exploits: 5 | References: 3
Tenable Nessus
added 2017/06/20 12:0 a.m. | 64 views

Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier the stackguard page was introduced in 2010. CVE-2017-1000364 The offset2lib patch as use...

CVSS 7.8 | AI score 6.8 | EPSS 0.0309
Exploits: 12 | References: 3
NVD
added 2017/06/19 4:29 p.m. | 17 views

CVE-2017-1000371

The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...

CVSS 7.8 | AI score 7.6 | EPSS 0.02161
Exploits: 6 | References: 6
NVD
added 2017/06/19 4:29 p.m. | 24 views

CVE-2017-1000370

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2li...

CVSS 7.8 | AI score 7.8 | EPSS 0.01715
Exploits: 6 | References: 6
Prion
added 2017/06/19 4:29 p.m. | 32 views

Design/Logic Flaw

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2li...

CVSS 7.2 | AI score 7.3 | EPSS 0.02161
Exploits: 9 | References: 6 | Affected Software: 1
Cvelist
added 2017/06/19 4:0 p.m. | 25 views

CVE-2017-1000370

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2li...

AI score 7.4 | EPSS 0.01715
Exploits: 6 | References: 6
Debian CVE
added 2017/06/19 4:0 p.m. | 34 views

CVE-2017-1000370

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2li...

CVSS 7.8 | AI score 5.8 | EPSS 0.01715
Exploits: 6
CVE
added 2017/06/19 4:0 p.m. | 165 views

CVE-2017-1000370

CVE-2017-1000370 affects the Linux kernel (4.11.5 and earlier) on i386. The offset2lib patch vulnerability lets a PIE binary be execve’d with an enormous 1 GB argument/environment list, causing the stack to occupy 0x80000000 and the PIE binary to be mapped above 0x40000000, bypassing the patch’s ...

CVSS 7.8 | AI score 7.3 | EPSS 0.01715
Exploits: 6 | References: 6 | Affected Software: 1
Debian CVE
added 2017/06/19 4:0 p.m. | 51 views

CVE-2017-1000371

The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...

CVSS 7.8 | AI score 6.6 | EPSS 0.02161
Exploits: 6
UbuntuCve
added 2017/06/19 3:0 p.m. | 41 views

CVE-2017-1000371

The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...

CVSS 7.8 | AI score 6.7 | EPSS 0.02161
Exploits: 6 | References: 2
UbuntuCve
added 2017/06/19 3:0 p.m. | 41 views

CVE-2017-1000370

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2li...

CVSS 7.8 | AI score 6.7 | EPSS 0.01715
Exploits: 6 | References: 2