Lucene search
K

101 matches found

BDU FSTEC
BDU FSTEC
added 2020/11/26 12:0 a.m.6 views

The vulnerability in the socket implementation of Azure Sphere’s operating system allows a hacker to execute arbitrary code. [source-iocs-preserved const=AF_AZSPIO]

The vulnerability of the socket implementation in Azure Sphere’s operating system is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code. source-iocs-preserved const=AFAZSPIO...

8.8CVSS7.8AI score0.01378EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2020/09/10 12:0 a.m.2 views

FreeBSD Buffer Overflow Vulnerability (CNVD-2020-51503)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a denial of service and code execution via an SCTP socket...

5.5CVSS7.9AI score0.00399EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/05/29 12:0 a.m.8 views

The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems allows a hacker to increase their privileges.

The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...

7.8CVSS7.1AI score0.00348EPSS
Exploits0References5Affected Software3
Debian CVE
Debian CVE
added 2020/04/15 12:0 a.m.21 views

CVE-2020-10699

A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...

7.8CVSS7.5AI score0.00348EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.12 views

The vulnerability in the implementation of TCP sockets in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a device reboot and a service failure.

The vulnerability of TCP socket implementations in Cisco IOS and Cisco IOS XE systems is related to state management errors. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure by sending specially crafted HTTP packets...

6.8CVSS6.7AI score0.02004EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/05/08 7:4 p.m.5 views

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

7.8CVSS6.8AI score0.01355EPSS
Exploits5References4
OSV
OSV
added 2018/05/02 10:29 p.m.6 views

CVE-2018-0278

A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attacker could exploit this...

6.5CVSS5.8AI score0.022EPSS
Exploits0References2
exploitpack
exploitpack
added 2018/04/30 12:0 a.m.10 views

Linux Kernel 4.17-rc1 - AF_LLC Double Free

Linux Kernel 4.17-rc1 - AFLLC Double Free define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigne...

7.4AI score
Exploits0
NVD
NVD
added 2018/04/03 10:29 p.m.15 views

CVE-2018-8779

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket...

7.5CVSS8.5AI score0.07169EPSS
Exploits0References17
BDU FSTEC
BDU FSTEC
added 2017/05/22 12:0 a.m.6 views

The vulnerability of the inet_csk_clone_lock function in the net/ipv4/inet_connection_sock.c module of the Linux operating system, which allows a hacker to cause a service failure.

The vulnerability of the inetcskclonelock function in the net/ipv4/inetconnectionsock.c module of the Linux operating system is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to cause a service failure through a remote action...

10CVSS6.5AI score0.01372EPSS
Exploits5References12Affected Software5
CNVD
CNVD
added 2017/01/20 12:0 a.m.1 views

Linux Kernel 'crypto/mcryptd.c' Denial of Service Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the crypto/mcryptd.c file in versions of Linux kernel prior to 4.8.15. A local attacker can exploit this vulnerability to cause a denial of...

5.5CVSS7.8AI score0.00434EPSS
Exploits0References1
exploitpack
exploitpack
added 2016/10/13 4:0 p.m.14 views

SolidWorks-Workgroup-PDM-2014

Title: SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write Vulnerability Date: 2-21-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.solidworks.com/sw/products/product-data-management/workgroup-pdm.htm Tested on: Windows 7 Vulnerability type: Arbitrary...

0.3AI score
Exploits0
OSV
OSV
added 2016/04/27 5:59 p.m.9 views

CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...

5.5CVSS6.8AI score
Exploits0References14
OSV
OSV
added 2015/10/19 10:59 a.m.10 views

CVE-2015-6937

The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound...

6.7AI score
Exploits0References51
Prion
Prion
added 2015/10/19 10:59 a.m.26 views

Null pointer dereference

The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound...

4.9CVSS6AI score0.0052EPSS
Exploits0References31Affected Software3
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.34 views

RHEL 7 : docker (RHSA-2014:0820)

An updated docker package that fixes one security issue is now available for Red Hat Enterprise Linux 7 Extras. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.2CVSS7AI score0.00393EPSS
Exploits1References3
OSV
OSV
added 2014/07/19 7:55 p.m.13 views

CVE-2014-4943

The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...

7.6AI score
Exploits0References31
RedHat Linux
RedHat Linux
added 2014/07/01 4:4 a.m.29 views

Important: Red Hat Security Advisory: docker security update

An updated docker package that fixes one security issue is now available for Red Hat Enterprise Linux 7 Extras. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.2CVSS7AI score0.00393EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Crush FTP 5 'APPE' command Remote JVM BSOD PoC Exploit

No description provided by source. Exploit Title: Crush FTP 5 'APPE' command Remote BSOD Poc Exploit Date: 06/09/2011 Author: BSOD Digital Fabien DROMAS Mail: [email protected] Test: OS: Windows 7 Versions: 5.7.096 Link: https://www.crushftp.com/early5/CrushFTP5PC.zip !/usr/bin/env python...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

APSIS Pound 1.5 - Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately this...

7.1AI score
Exploits0
Rows per page
Query Builder