Lucene search
K

304 matches found

Kubernetes Security Advisories
Kubernetes Security Advisories
added 2020/05/27 7:32 p.m.4 views

IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements

CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L 6.0 Medium A cluster configured to use an affected container networking implementation is susceptible to man-in-the-middle MitM attacks. By sending “rogue” router advertisements, a malicious container can reconfigure the host to redirect...

6CVSS6.7AI score0.02428EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2020/05/18 10:24 a.m.2 views

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.83433EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.13 views

Linux: SSH Subsystem

Subsystem: Configures an external subsystem e.g. file transfer daemon. Arguments should be a subsystem name and a command with optional arguments to execute upon subsystem request. The command sftp-server implements the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...

7.7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.9 views

Linux: SSH Ciphers

Ciphers: Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. Note: This check fails if any algorithms are found that are not specified in the VT preferences. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a...

7.3AI score
Exploits0References3
OpenVAS
OpenVAS
added 2020/05/07 12:0 a.m.8 views

Linux: SSH RSAAuthentication

RSAAuthentication: Specifies whether pure RSA authentication is allowed. This option applies to protocol version 1 only. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/05/06 12:0 a.m.9 views

Linux: SSH PubkeyAuthentication

sshd reads configuration data from /etc/ssh/sshdconfig or the file specified with -f on the command line. The file contains keyword-argument pairs, one per line. Lines starting with SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and...

5.9AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/04/14 1:4 p.m.4 views

HTTP/2: request for large response leads to denial of service

A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server's...

7.8CVSS7.2AI score0.27004EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/03/23 8:21 a.m.3 views

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.87806EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2020/03/18 12:0 a.m.5 views

The vulnerability of IPv6 network protocol implementations in the Linux operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of IPv6 network protocol implementations in the Linux operating system’s kernel is related to the lack of protection for data transmitted through the IPsec tunnel. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...

7.8CVSS6.5AI score0.01229EPSS
Exploits0References21Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.4 views

The vulnerability of the HTTP/2 network protocol implementation in the Apache HTTP Server allows for uncontrolled resource consumption, enabling attackers to disclose sensitive information.

The vulnerability of the HTTP/2 network protocol implementation in the Apache HTTP Server is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

7.8CVSS5.4AI score0.27004EPSS
Exploits0References7Affected Software12
0day.today
0day.today
added 2019/10/16 12:0 a.m.81 views

X.Org X Server 1.20.4 - Local Stack Overflow Exploit

Exploit Title: X.Org X Server 1.20.4 - Local Stack Overflow Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage: https://www.x.org/ Version: = 1.20.4 Tested on: Linux CVE: CVE-2019-17624 !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar X.Org X Server 1.20.4 / X Protocol...

7.8CVSS7.7AI score0.03694EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.230 views

X.Org X Server 1.20.4 - Local Stack Overflow

Exploit Title: X.Org X Server 1.20.4 - Local Stack Overflow Date: 2019-10-16 Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage: https://www.x.org/ Version: = 1.20.4 Tested on: Linux CVE: CVE-2019-17624 !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar X.Org X Server...

7.8CVSS7.9AI score0.03694EPSS
Exploits5
OSV
OSV
added 2019/10/09 8:15 p.m.4 views

CVE-2019-0063

When an MX Series Broadband Remote Access Server BRAS is configured as a Broadband Network Gateway BNG with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but continuous...

7.5CVSS5.8AI score0.01282EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/10/02 2:29 p.m.5 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8CVSS7.2AI score0.58373EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2019/09/25 6:26 a.m.7 views

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.82813EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2019/09/12 12:29 p.m.2 views

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

7.8CVSS7.1AI score0.82813EPSS
Exploits0References9
myhack58
myhack58
added 2019/04/01 12:0 a.m.101 views

TP-Link SR20 router 0 day vulnerability-a vulnerability warning-the black bar safety net

Google security developer Matthew Garrett found the TP-Link SR20 smart home router There 0 day arbitrary code execution vulnerability in the same network an attacker can exploit the vulnerability to root access to execute arbitrary commands. Garrett said public vulnerability is due from him to th...

0.9AI score
Exploits0
ICS
ICS
added 2019/01/10 12:0 a.m.53 views

Omron CX-One CX-Protocol

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Protocol within CX-One Vulnerabilities: Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the...

7.8CVSS8.3AI score0.01424EPSS
Exploits0References5
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.44 views

Xorg X11 Server (AIX) - Local Privilege Escalation

Xorg X11 Server AIX - Local Privilege Escalation Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Filese...

7.2CVSS0.7AI score0.2704EPSS
Exploits39
RedHat Linux
RedHat Linux
added 2018/11/27 1:26 a.m.6 views

systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling

It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim's one may...

8.8CVSS8.1AI score0.0168EPSS
Exploits0References4
Rows per page
Query Builder