22 matches found
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
SUSE CVE-2022-50543
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr-map double free rxemrcleanup which tries to free mr-map again will be called when rxemrinituser fails: CPU: 0 PID: 4917 Comm: rdmaflushserv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ 25 Hardware name: QEMU...
EUVD-2007-0430
Malware in sbrugna...
EUVD-2020-28154
Malware in sbrugna...
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
SUSE CVE-2020-7017
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...
Cross-site Scripting (XSS)
kibana is susceptible to cross-site scripting XSS. The vulnerability allows a user with privilege to edit or create a region map visualization to inject malicious HTML script via region map visualization feature, leading to sensitive information leakage and perform malicious action on behalf of...
CVE-2020-7017
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...
CVE-2020-7017
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...
Cross site scripting
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...
CVE-2020-7017
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...
CVE-2020-7017
CVE-2020-7017 is a stored XSS in the Kibana region map visualization, affecting Kibana before 6.8.11 and 7.8.1. An attacker who can edit/create a region map could execute scripts in viewers’ browsers and potentially access or perform actions on behalf of Kibana users. Remediation in the public ad...
Elastic Stack 6.8.11 and 7.8.1 security update
Kibana regular expression denial of service flaw ESA-2020-09 Kibana versions before 6.8.11 and 7.8.1 contain a denial of service DoS flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming...
PT-2020-19342 · Elastic · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana versions prior to 6.8.11 Kibana versions prior to 7.8.1 Description: The region map visualization in Kibana contains a stored XSS flaw. An attacker who can edit or create a region map visualization could obtain sensitive information or...
Elastic Kibana < 6.8.6, 7.x < 7.5.1 XSS Vulnerability - Linux
Kibana is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
Elastic Stack 6.8.6 and 7.5.1 security update
Kibana XSS ESA-2019-17 Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...