Lucene search
+L

4722 matches found

OSV
OSV
added 2019/08/20 2:15 p.m.1 views

DEBIAN-CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

4.6CVSS6.7AI score0.00666EPSS
Exploits1References1
OSV
OSV
added 2019/08/20 2:15 p.m.6 views

UBUNTU-CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

4.6CVSS6.7AI score0.00666EPSS
Exploits1References11
OSV
OSV
added 2019/07/30 11:15 p.m.5 views

ALPINE-CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use...

7.8CVSS7.5AI score0.00516EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/07/30 10:14 p.m.48 views

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use...

8.8CVSS8.1AI score0.00516EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.5 views

The vulnerabilities of Cisco FindIT Network Management and Cisco FindIT Network Probe, which are used for configuring and controlling wired and wireless networks, allow attackers to increase their privileges.

The vulnerability of virtual machine systems for Cisco FindIT Network Management and Cisco FindIT Network Probe involves the use of pre-installed credentials. Exploiting this vulnerability can allow attackers to gain increased privileges...

8.4CVSS5.5AI score0.00322EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2019/07/24 12:0 a.m.4 views

ZZZCMS V1.7.2 version of the background of the existence of arbitrary file reading vulnerability

zzcms is a free and open source building system, mainly facing the majority of webmasters to use. ZZZCMS V1.7.2 there are arbitrary file reading vulnerabilities in the background. An attacker can exploit the vulnerability to read arbitrary files and conduct intranet probes...

6.9AI score
Exploits0
OSV
OSV
added 2019/07/17 9:15 p.m.5 views

CVE-2019-1919

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

7.8CVSS7.1AI score0.00322EPSS
Exploits0References2
Prion
Prion
added 2019/07/17 9:15 p.m.22 views

Design/Logic Flaw

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

7.2CVSS7.5AI score0.00322EPSS
Exploits0References2Affected Software2
Hacker One
Hacker One
added 2019/07/15 2:3 p.m.49 views

Semrush: SSRF In Get Video Contents

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: A SSRF In Get...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/13 7:28 a.m.2 views

Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation

After months of negotiations, the United States Federal Trade Commission FTC has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal. The settlement will put an end to a wide-ranging probe that began more than a year ago and...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/07/08 9:19 a.m.4 views

libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...

8.8CVSS7.5AI score0.00549EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/08 9:19 a.m.4 views

libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API

It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of...

8.8CVSS7.6AI score0.00516EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/07/02 12:0 a.m.29 views

EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1676)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of 'Just in...

5.6CVSS6.3AI score0.00388EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability in the implementation of the if_usb_probe handler in Linux kernel allows a hacker to cause a service failure.

The vulnerability of the ifusbprobe implementation in the kernel of the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a Marvell Libertas WLAN Thinfirm device. This device has a value of 0x0 in the...

5.1CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability in the implementation of the acpi_fan_probe handler in the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the implementation of the acpifanprobe handler in the loaded module of the drivers/acpi/fan.ko file in the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting an ACPI Fan...

5.1CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.9 views

The vulnerability in the implementation of the ems_usb_disconnect handler in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the emsusbdisconnect handler in the Astra Linux operating system’s kernel is related to a memory release error. In the emsusbprobe function, located in the drivers/net/can/usb/emsusb.c file, memory is allocated to the txmsgbuffer field. However, the emsusbdisconnect handler...

6.2CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability in the implementation of the hwarc_probe handler in the operating system kernel of Astra Linux allows a hacker to trigger a service failure.

The vulnerability in the implementation of the hwarcprobe function in the kernel of the Astra Linux operating system’s driver module drivers/uwb/hwa-rc.ko is related to a memory release error. In the hwarcprobe function, memory is allocated to hwarc, but this memory is not released correctly when...

6.2CVSS5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/27 10:35 a.m.2 views

New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches

Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner. Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/25 6:32 a.m.64 views

Facebook Could Be Fined Up To $5 Billion Over Privacy Violations

Facebook expects to face a massive fine of up to $5 billion from the Federal Trade Commission FTC as the result of an investigation into its privacy policies—that's about one month's revenue for the social media giant. To be clear the amount of fine is not what the FTC has announced or hinted yet...

1.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/04/05 12:0 a.m.29 views

Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by following vulnerability - A vulnerability in Performance Routing Version 3 PfRv3 of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload.The vulnerability is due to...

7.1CVSS6.5AI score0.02138EPSS
Exploits0References3
Rows per page
Query Builder