Lucene search
K

50 matches found

CVE
CVE
added 2019/07/26 4:39 a.m.457 views

CVE-2018-20855

CVE-2018-20855 affects Linux kernel before 4.18.7. In mlx5InfiniBand, create_qp_common (mlx5_ib_create_qp_resp) was never initialized, leaking stack memory to userspace. Upstream fix shipped with kernel 4.18.7 (commit 0625b4ba1a5d4703c7fb01c497bd6c156908af00). Mitigation: upgrade to 4.18.7+ or ap...

3.3CVSS4.8AI score0.00463EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2019/06/13 12:0 a.m.5 views

PT-2019-2568 · Abb · Abb Idal Ftp Server

Name of the Vulnerable Software and Affected Versions: ABB IDAL FTP server affected versions not specified Description: The issue is related to the mishandling of format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the...

8.8CVSS8.7AI score0.03713EPSS
Exploits2References11
CVE
CVE
added 2019/03/05 11:0 p.m.179 views

CVE-2019-9578

Concrete details found: CVE-2019-9578 affects Yubico libu2f-host up to version 1.1.8, where the init response is misparsed, leaking uninitialized stack memory to the device. The issue is addressed in later OpenSUSE/SUSE advisories (e.g., libu2f-host 1.1.10) with a fix described as parsing the ini...

7.5CVSS7.3AI score0.02296EPSS
Exploits0References8Affected Software1
Packet Storm
Packet Storm
added 2018/04/06 12:0 a.m.102 views

LineageOS 14.1 Blueborne Remote Code Execution

Exploit Title: LineageOS 14.1 Android 7.1.2 Blueborne RCE CVE-2017-0781 Date: 04/01/2018 Exploit Author: Marcin Kozlowski Tested on: LinageOS 14.1 Android 7.1.2 without BlueBorne Patch CVE : CVE-2017-0781 Provided for legal security research and testing purposes ONLY. Code in exp4.py More info in...

8.3CVSS0.5AI score0.2285EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2016/06/22 12:0 a.m.60 views

openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)

The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils wa...

10CVSS6.7AI score0.2593EPSS
Exploits30References55
OSV
OSV
added 2014/08/13 11:55 p.m.2 views

DEBIAN-CVE-2014-3508

The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process...

4.3CVSS6.2AI score0.23292EPSS
Exploits0References1
OSV
OSV
added 2014/01/06 4:55 p.m.1 views

DEBIAN-CVE-2013-7265

The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

4.9CVSS7.3AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2014/01/06 12:0 a.m.5 views

UBUNTU-CVE-2013-7264

The l2tpiprecvmsg function in net/l2tp/l2tpip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, ...

4.9CVSS6.6AI score0.00434EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2012/12/04 7:43 p.m.5 views

kernel: uts: stack memory leak in UNAME26

The overriderelease function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality...

4.9CVSS6.1AI score0.00959EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/06/29 12:0 a.m.47 views

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

9.8CVSS7.1AI score0.04177EPSS
Exploits25References43
Rows per page
Query Builder