Lucene search
K

73 matches found

Cvelist
Cvelist
added 2019/05/12 1:55 p.m.23 views

CVE-2019-11885

eyeDisk implements the unlock feature by sending a cleartext password. The password can be discovered by sniffing USB traffic or by sending a 06 05 52 41 01 b0 00 00 00 00 00 00 SCSI command...

6.7AI score0.00429EPSS
Exploits1References1
Veracode
Veracode
added 2019/01/15 8:59 a.m.30 views

Authorization Bypass

Linux kernel-rt is vulnerable to authorization bypass. The default SCSI command filter block/scsiioctl.c does not accommodate commands that overlap across device classes, allowing local users to bypass intended access restrictions to write arbitrary data to a read-only LUN via an SGIO ioctl call...

4.6CVSS8.1AI score0.00349EPSS
Exploits0References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/04/27 12:0 a.m.6 views

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the megasasctrlgetinfo function in the QEMU hardware emulation driver is caused by a buffer overflow on the stack. Exploiting this vulnerability allows an attacker, operating locally, to trigger a service failure using a SCSI controller that executes the CTRLGETINFO command...

1.9CVSS7.1AI score0.00411EPSS
Exploits0References5
NVD
NVD
added 2016/09/02 2:59 p.m.18 views

CVE-2016-4952

QEMU aka Quick Emulator, when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds array access via vectors related to the 1 PVSCSICMDSETUPRINGS or 2 PVSCSICMDSETUPMSGRING SCSI command...

6CVSS6.9AI score0.00369EPSS
Exploits0References7
Prion
Prion
added 2016/09/02 2:59 p.m.26 views

Design/Logic Flaw

QEMU aka Quick Emulator, when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds array access via vectors related to the 1 PVSCSICMDSETUPRINGS or 2 PVSCSICMDSETUPMSGRING SCSI command...

1.9CVSS6.4AI score0.00369EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2016/05/20 2:59 p.m.1 views

DEBIAN-CVE-2016-4441

The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...

6CVSS8.2AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/05/20 2:0 p.m.26 views

CVE-2016-4441

The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...

7AI score0.00383EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2016/05/20 12:0 a.m.33 views

CVE-2016-4441

The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...

6CVSS6.8AI score0.00383EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/05/13 12:0 a.m.61 views

CentOS 7 : kernel (CESA-2016:1033)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.3AI score0.00397EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/05/12 9:55 a.m.59 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.4AI score0.00397EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.62 views

CentOS Update for kernel CESA-2015:1042 centos5

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882189";...

7.2CVSS6.9AI score0.01395EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/06/04 12:0 a.m.49 views

CentOS 5 : kernel (CESA-2015:1042)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

7.2CVSS7AI score0.01395EPSS
Exploits3References2
Cent OS
Cent OS
added 2015/06/03 1:55 a.m.88 views

kernel security update

CentOS Errata and Security Advisory CESA-2015:1042 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS...

7.2CVSS6.8AI score0.01395EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.70 views

RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0579 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

7.1CVSS6.7AI score0.21653EPSS
Exploits3References14
OSV
OSV
added 2013/11/22 6:49 p.m.9 views

MGASA-2013-0341 Updated qemu package fixes security vulnerability

A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code...

7.2CVSS8.6AI score0.00434EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.64 views

Amazon Linux AMI : kernel (ALAS-2012-34)

The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume. C Tenable Network Security, Inc. The descriptive text a...

4.6CVSS5.8AI score0.00566EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.54 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2523)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-2523 advisory. - block: default SCSI command filter does not accomodate commands overlap across device classes Jamie Iles Orabug: 16387137 CVE-2012-4542 - KVM: x86: Conver...

6.8CVSS7.4AI score0.0135EPSS
Exploits5References2
Oracle linux
Oracle linux
added 2013/05/09 12:0 a.m.71 views

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.23.1 - Parallel mtrr init between cpus Zhenzhong Duan Orabug: 16777774 - Merge tag 'v2.6.39-400.21.1.16748891' of git://ca-git.us.oracle.com/linux-uek-2.6.39-ofed into uek-2.6.39-400 Maxim Uvarov Orabug: 16748891 - xen-blkfront: use a different scatterlist for each request Roger Pau...

6.8CVSS0.4AI score0.0135EPSS
Exploits5
OpenVAS
OpenVAS
added 2013/03/12 12:0 a.m.28 views

CentOS Update for kernel CESA-2013:0496 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.6CVSS6.4AI score0.00644EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/03/10 12:0 a.m.258 views

CentOS 6 : kernel (CESA-2013:0496)

Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update. The Red Hat Security Response Team has...

6.6CVSS6.5AI score0.00644EPSS
Exploits1References8
Rows per page
Query Builder