Lucene search
+L

71 matches found

OSV
OSV
added 2022/04/11 5:15 a.m.7 views

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

7.8CVSS7.3AI score
Exploits0References6
Fedora
Fedora
added 2021/12/31 1:21 a.m.39 views

[SECURITY] Fedora 35 Update: pgbouncer-1.16.1-1.fc35

pgbouncer is a lightweight connection pooler for PostgreSQL and uses libevent for low-level socket handling...

8.1CVSS7.5AI score0.01901EPSS
Exploits0
OSV
OSV
added 2021/11/19 11:3 a.m.5 views

OESA-2021-1437 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server...

9.8CVSS6.9AI score0.02507EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/03/04 12:0 a.m.6 views

The vulnerability in the socket implementation with address mapping AF_VSOCK in Linux kernel allows attackers to escalate their privileges.

The vulnerability in the socket implementation with AFVSOCK addressing net/vmwvsock/afvsock.c in the Linux kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS6.5AI score0.01602EPSS
Exploits1References21Affected Software6
Packet Storm
Packet Storm
added 2020/07/31 12:0 a.m.322 views

FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD ip6setpktopt Use-After-Free Privilege Escalation', 'Description' = %q This module exploits a race and use-after-free vulnerability in the...

6.8CVSS0.8AI score0.33106EPSS
Exploits4
OSV
OSV
added 2020/01/24 12:34 p.m.8 views

SUSE-SU-2020:0231-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update java-180-openjdk to version jdk8u242 icedtea 3.15.0 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for a...

8.1CVSS6.2AI score0.04903EPSS
Exploits0References9
Fedora
Fedora
added 2019/09/03 1:3 a.m.41 views

[SECURITY] Fedora 30 Update: python-slixmpp-1.4.2-1.fc30

Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. Goals is to only rewrite the core of the library the low level socket handling, the timers, the events dispatching in order to remove all threads...

7.5CVSS3.1AI score0.02323EPSS
Exploits1
OSV
OSV
added 2018/06/12 12:29 p.m.3 views

CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...

5.9CVSS6.3AI score
Exploits0References9
Cvelist
Cvelist
added 2018/06/12 12:0 p.m.23 views

CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...

7.2AI score0.06609EPSS
Exploits0References9
Packet Storm
Packet Storm
added 2018/05/04 12:0 a.m.43 views

Linux Kernel AF_LLC Double Free

define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigned char sllcxid; unsigned char sllcua;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/30 12:0 a.m.48 views

Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free

define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigned char sllcxid; unsigned char sllcua;...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/04/11 5:52 p.m.14 views

QEMU: Slirp: use-after-free when sending response

A use-after-free issue was found in the Slirp networking implementation of the Quick emulator QEMU. It occurs when a Socket referenced from multiple packets is freed while responding to a message. A user/process could use this flaw to crash the QEMU process on the host resulting in denial of...

7.5CVSS7.1AI score0.03841EPSS
Exploits0References4
OSV
OSV
added 2018/03/01 5:47 p.m.4 views

USN-3586-1 isc-dhcp vulnerabilities

Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-2774 It was discovered that the...

7.5CVSS6.8AI score0.73622EPSS
Exploits0References5
0day.today
0day.today
added 2018/01/21 12:0 a.m.52 views

DarkComet (C2 Server) - File Upload Exploit

Exploit for multiple platform in category web applications !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from r...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.15 views

DarkComet (C2 Server) - File Upload

DarkComet C2 Server - File Upload !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from...

Exploits0
NVD
NVD
added 2017/09/01 1:29 p.m.22 views

CVE-2017-13711

Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU aka Quick Emulator allows attackers to cause a denial of service QEMU instance crash by leveraging failure to properly clear ifqso from pending packets...

7.5CVSS7.5AI score0.03841EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2016/08/23 12:0 a.m.6 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the drivers/char/diag/diagcharcore.c file in Qualcomm’s Android operating system is related to incorrect socket processes. Exploiting this vulnerability can allow a remote attacker to increase their privileges through a specially created application...

6.8CVSS7.3AI score0.00466EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2015/03/04 12:0 a.m.122 views

Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)

/ ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp...

6.9CVSS7.1AI score0.02103EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2014/08/06 3:49 p.m.3 views

kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...

6.9CVSS6.6AI score0.02103EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2013/07/16 5:18 p.m.5 views

Kernel: net: oops from tcp_collapse() when using splice(2)

The tcpreadsock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service system crash via a crafted splice system call for a TCP socket...

5.5CVSS6.1AI score0.00368EPSS
Exploits1References4
Rows per page
Query Builder