Lucene search
K

1366 matches found

NVD
NVD
added 2018/02/13 8:29 p.m.20 views

CVE-2017-1720

IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807...

5.3CVSS5.8AI score0.00422EPSS
Exploits0References3
OSV
OSV
added 2018/02/13 8:29 p.m.4 views

CVE-2017-1720

IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807...

5.3CVSS6AI score0.00422EPSS
Exploits0References3
Fedora
Fedora
added 2018/02/09 4:30 p.m.36 views

[SECURITY] Fedora 27 Update: tomcat-native-1.2.16-1.fc27

Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced...

5.9CVSS6.1AI score0.03594EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/23 12:0 a.m.231 views

Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this iss...

7.8CVSS7.3AI score0.37431EPSS
Exploits8References6
Apache Httpd
Apache Httpd
added 2018/01/23 12:0 a.m.102 views

Apache Httpd < 2.4.33 : Possible out of bound read in mod_cache_socache

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache...

7.5CVSS2.7AI score0.70783EPSS
Exploits0Affected Software1
Ubuntu
Ubuntu
added 2018/01/22 4:50 p.m.229 views

USN-3538-1: OpenSSH vulnerabilities

Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10009 Jann Horn discovered that OpenSSH...

7.8CVSS7AI score0.37431EPSS
Exploits8
OSV
OSV
added 2018/01/22 4:50 p.m.3 views

USN-3538-1 openssh vulnerabilities

Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10009 Jann Horn discovered that OpenSSH...

7.8CVSS7AI score0.37431EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2017/12/07 12:0 a.m.67 views

FreeBSD : FreeBSD -- POSIX shm allows jails to access global namespace (5b1463dd-dab3-11e7-b5af-a4badb2f4699)

Named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. Impact : A malicious user that has access to a jailed system is able to abuse shared memory by injecting...

7.8CVSS7.2AI score0.00415EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.24 views

FreeBSD 10.3 / 10.4 : shm Insecure Memory Vulnerability (FreeBSD-SA-17:09.shm)

The version of the FreeBSD kernel running on the remote host is prior to 10.3-RELEASE-p24, or 10.4 prior to 10.4-RELEASE-p3. It is, therefore, affected by a potential information disclosure vulnerabilities in shm. An authenticated, remote attacker can exploit this issue by accessing the shared...

7.8CVSS7.3AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2017/11/30 10:29 p.m.2 views

DEBIAN-CVE-2017-1000405

The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmdmkdirty in the touchpmd function inside the THP implementation. touchpmd can be reached by getuserpages. In such case, the pmd will become dirty. This scenario breaks the new canfollowwritepmd's logic - pmd can become dirt...

7CVSS8.1AI score0.02841EPSS
Exploits9References1
OSV
OSV
added 2017/11/30 12:0 a.m.1 views

UBUNTU-CVE-2017-1000405

The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmdmkdirty in the touchpmd function inside the THP implementation. touchpmd can be reached by getuserpages. In such case, the pmd will become dirty. This scenario breaks the new canfollowwritepmd's logic - pmd can become dirt...

7CVSS6.5AI score0.02841EPSS
Exploits9References14
CNVD
CNVD
added 2017/11/29 12:0 a.m.8 views

IBM WebSphere MQ Memory Disclosure Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A memory leak vulnerability exists in IBM WebSphere MQ versions 8.0 and 9.0. An attacker could exploit the vulnerabili...

4.3CVSS6.7AI score0.00938EPSS
Exploits0References1
OSV
OSV
added 2017/11/27 9:29 p.m.6 views

CVE-2017-1283

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144...

4.3CVSS5.8AI score0.00938EPSS
Exploits0References2
NVD
NVD
added 2017/11/27 9:29 p.m.18 views

CVE-2017-1283

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144...

4.3CVSS4.4AI score0.00938EPSS
Exploits0References2
Prion
Prion
added 2017/11/27 9:29 p.m.16 views

Memory corruption

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144...

4CVSS4.4AI score0.00938EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/27 9:0 p.m.25 views

CVE-2017-1283

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144...

4.4AI score0.00938EPSS
Exploits0References2
CVE
CVE
added 2017/11/27 9:0 p.m.58 views

CVE-2017-1283

IBM WebSphere MQ 8.0 and 9.0 is affected by CVE-2017-1283 due to a shared memory leak caused by MQ applications using dynamic queues. An authenticated user can trigger the leak, potentially exhausting resources for other MQ applications. Affected versions include IBM MQ 8.0.0.0–8.0.0.6 and 9.0.0....

4.3CVSS4.3AI score0.00938EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/16 8:29 p.m.10 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.8CVSS7.4AI score0.00415EPSS
Exploits0References3
Prion
Prion
added 2017/11/16 8:29 p.m.14 views

Privilege escalation

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

4.6CVSS7.3AI score0.00415EPSS
Exploits0References3
OSV
OSV
added 2017/11/16 8:29 p.m.6 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.8CVSS6.5AI score
Exploits0References3
Rows per page
Query Builder