CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1340 matches found

OSV•added 2022/11/04 11:4 a.m.•1 views

OESA-2022-2042 multipath-tools security update

This package provides the multipath tool and the multipathd daemon to manage dm-multipath devices. multipath can detect and set up multipath maps. multipathd sets up multipath maps automatically,monitors path devices for failure, removal, or addition, and applies the necessary changes to the...

7.8CVSS6.8AI score0.00231EPSS

Exploits4References2

OSV•added 2022/11/01 1:15 p.m.•1 views

DEBIAN-CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

7.1CVSS6.9AI score0.00015EPSS

Exploits0References1

CNNVD•added 2022/11/01 12:0 a.m.•2 views

Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen x8...

7.1CVSS7AI score0.00015EPSS

Exploits0References7

OSV•added 2022/10/29 6:15 p.m.•1 views

AZL-11371 CVE-2022-41973 affecting package device-mapper-multipath for versions less than 0.8.6-4

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

7.8CVSS7.1AI score0.00231EPSS

Exploits4References1

OSV•added 2022/10/29 6:15 p.m.•1 views

DEBIAN-CVE-2022-41973

7.8CVSS7.3AI score0.00231EPSS

Exploits4References1

ATTACKERKB•added 2022/10/29 6:15 p.m.•3 views

CVE-2022-41973

7.8CVSS5.6AI score0.00231EPSS

Exploits5References15

OSV•added 2022/10/24 3:0 p.m.•2 views

UBUNTU-CVE-2022-41973

7.8CVSS7AI score0.00231EPSS

Exploits4References4

CNNVD•added 2022/10/24 12:0 a.m.•2 views

Red Hat device-mapper-multipath 后置链接漏洞

Red Hat device-mapper-multipath is a device mapper multipath from Red Hat, Inc. It allows you to configure multiple I/O paths between server nodes and storage arrays into a single device. A security vulnerability exists in Red Hat device-mapper-multipath that stems from multipathd running...

7.8CVSS7.4AI score0.00231EPSS

Exploits4References25

CNVD•added 2022/09/30 12:0 a.m.•48 views

Linux Kernel Resource Management Error Vulnerability (CNVD-2022-69189)

The Linux Kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux Kernel suffers from a security vulnerability that stems from a measure of shared memory usage that does not scale with the number of shared memory segments. An attack...

5.5CVSS6.3AI score0.00014EPSS

Exploits0References1

IBM Security Bulletins•added 2022/09/25 11:9 p.m.•39 views

Security Bulletin: IBM Sterling Certificate Wizard Shared Memory Permission Vulnerability (CVE-2013-1500)

Abstract The IBM Sterling Certificate Wizard is susceptible to a shared memory permission vulnerability. Content VULNERABILITY DETAILS: CVEID:CVE-2013-1500 DESCRIPTION: The GUI implementation may create a shared memory segment with world read/write permissions. If such a memory segment is created...

3.6CVSS7AI score0.00084EPSS

Exploits0Affected Software2

Tenable Nessus•added 2022/09/22 12:0 a.m.•34 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9828)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9828 advisory. - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter:...

7.8CVSS7.3AI score0.02746EPSS

Exploits8References6

OSV•added 2022/09/21 9:46 a.m.•1 views

USN-5624-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-kvm, linux-lowlatency vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS6.9AI score0.05077EPSS

Exploits1References12

OSV•added 2022/09/16 11:4 a.m.•2 views

OESA-2022-1920 wayland security update

Wayland is a protocol for a compositor to talk to its clients as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be...

6.6CVSS7.2AI score0.00026EPSS

Exploits1References2

OSV•added 2022/08/30 8:51 p.m.•0 views

UBUNTU-CVE-2021-3782

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wlshm buffer objects, or if it...

6.6CVSS7AI score0.00026EPSS

Exploits1References5

Microsoft CVE•added 2022/08/30 7:0 a.m.•0 views

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

...

5.5CVSS7.2AI score0.00014EPSS

Exploits0

OSV•added 2022/08/26 4:15 p.m.•1 views

AZL-10676 CVE-2021-3669 affecting package kernel for versions less than 5.15.70.1-1