Lucene search
K

1370 matches found

CVE
CVE
added 2017/11/27 9:0 p.m.60 views

CVE-2017-1283

IBM WebSphere MQ 8.0 and 9.0 is affected by CVE-2017-1283 due to a shared memory leak caused by MQ applications using dynamic queues. An authenticated user can trigger the leak, potentially exhausting resources for other MQ applications. Affected versions include IBM MQ 8.0.0.0–8.0.0.6 and 9.0.0....

4.3CVSS4.3AI score0.00938EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/16 8:29 p.m.11 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.8CVSS7.4AI score0.00415EPSS
Exploits0References3
Prion
Prion
added 2017/11/16 8:29 p.m.16 views

Privilege escalation

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

4.6CVSS7.3AI score0.00415EPSS
Exploits0References3
OSV
OSV
added 2017/11/16 8:29 p.m.6 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.8CVSS6.5AI score
Exploits0References3
CVE
CVE
added 2017/11/16 8:0 p.m.73 views

CVE-2017-1087

CVE-2017-1087 affects FreeBSD 10.x where named POSIX shared memory objects are globally scoped across jails and host. According to sources, a process in one jail can read/modify shared memory created by another jail or host, enabling malicious content injection into memory regions trusted by appl...

7.8CVSS7.3AI score0.00415EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/11/16 8:0 p.m.14 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.4AI score0.00415EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/11/16 8:0 p.m.23 views

CVE-2017-1087

Removed by vendor...

7.8CVSS7.7AI score0.00415EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2017/11/15 12:0 a.m.9 views

FreeBSD-SA-17:09.shm

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-17:09.shm Security Advisory The FreeBSD Project Topic: POSIX shm allows jails to access global namespace Category: core Module: shm Announced: 2017-11-15...

7.8CVSS7.1AI score0.00415EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/11/15 12:0 a.m.24 views

FreeBSD -- POSIX shm allows jails to access global namespace

Problem Description: Named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. Impact: A malicious user that has access to a jailed system is able to abuse shared...

7.8CVSS7.3AI score0.00415EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/10/13 12:0 a.m.45 views

Ubuntu 14.04 LTS / 16.04 LTS : X.Org X server vulnerabilities (USN-3453-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3453-1 advisory. Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either...

7.8CVSS7AI score0.00443EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2017/10/12 2:32 p.m.55 views

USN-3453-1: X.Org X server vulnerabilities

Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly replace shared memory segments of other X clients in the same session...

7.8CVSS6.6AI score0.00443EPSS
Exploits0
OSV
OSV
added 2017/10/12 2:32 p.m.2 views

USN-3453-1 xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial vulnerabilities

Michal Srb discovered that the X.Org X server incorrectly handled shared memory segments. An attacker able to connect to an X server, either locally or remotely, could use this issue to crash the server, or possibly replace shared memory segments of other X clients in the same session...

7.8CVSS6.7AI score0.00443EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/10/10 1:50 p.m.35 views

CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS1.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2017/10/10 1:30 a.m.3 views

ALPINE-CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS6.8AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2017/10/10 1:30 a.m.19 views

CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS6.7AI score0.00357EPSS
Exploits0References6
OSV
OSV
added 2017/10/10 1:30 a.m.1 views

DEBIAN-CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS6.1AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2017/10/10 1:30 a.m.25 views

CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS6.4AI score
Exploits0References6
Prion
Prion
added 2017/10/10 1:30 a.m.20 views

Session fixation

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

1.9CVSS5.7AI score0.00357EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2017/10/09 2:0 p.m.32 views

CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

5.7AI score0.00357EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2017/10/09 2:0 p.m.32 views

CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

4.7CVSS6AI score0.00357EPSS
Exploits0
Rows per page
Query Builder