Lucene search
K

70 matches found

Ubuntu
Ubuntu
added 2022/10/14 8:1 p.m.57 views

USN-5683-1: Linux kernel (IBM) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Selim En...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/10/14 6:46 p.m.78 views

USN-5682-1: Linux kernel (AWS) vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/13 8:0 p.m.73 views

USN-5678-1: Linux kernel vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.02972EPSS
Exploits1
OSV
OSV
added 2022/09/21 9:46 a.m.15 views

USN-5624-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-kvm, linux-lowlatency vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS6.9AI score0.05542EPSS
Exploits1References12
Ubuntu
Ubuntu
added 2022/09/21 9:46 a.m.89 views

USN-5624-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
NVD
NVD
added 2020/11/12 10:15 a.m.28 views

CVE-2020-11175

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

7.8CVSS7.8AI score0.002EPSS
Exploits0References1
Prion
Prion
added 2020/11/12 10:15 a.m.25 views

Design/Logic Flaw

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

7.2CVSS7.8AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/11/12 10:0 a.m.34 views

CVE-2020-11175

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

7.8AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2020/11/12 10:0 a.m.57 views

CVE-2020-11175

The CVE-2020-11175 entry describes a use-after-free vulnerability in the Bluetooth transport driver where a method may be invoked on an object after it has been deleted due to improper timer handling. Affected products include Qualcomm/closed-source components for Snapdragon platforms (e.g., Snap...

7.8CVSS7.7AI score0.002EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/21 11:24 a.m.3 views

kernel: use-after-free in sound/core/timer.c

A memory flaw was found in the ALSA subsystem of the Linux kernel. The struct sndtimerinstance function fails the timer-maxinstances check leading to an invalid address. This could lead to a use-after-free vulnerability...

7.8CVSS7.1AI score0.00551EPSS
Exploits1References4
CVE
CVE
added 2019/11/07 4:27 p.m.52 views

CVE-2011-2807

CVE-2011-2807 concerns WebKit in Google Chrome prior to Blink M13, caused by an incorrect handling of timer information in Timer.cpp. The vulnerability affects the timer logic within WebKit used by Chrome, with the NVD entry noting an impact on availability (PARTIAL) and no confidentiality/integr...

6.5CVSS6.2AI score0.00471EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/11/14 3:29 p.m.4 views

UBUNTU-CVE-2018-17468

Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...

6.5CVSS7.2AI score0.01446EPSS
Exploits0References2
OSV
OSV
added 2018/11/14 3:29 p.m.2 views

CVE-2018-17468

Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...

6.5CVSS7.2AI score0.01446EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2018/10/17 12:3 p.m.26 views

CVE-2018-17468

Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...

6.5CVSS2.6AI score0.01446EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/12 12:0 a.m.63 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)

The remote OracleVM system is missing necessary patches to address critical security updates : - dm: fix race between dmgetfromkobject and dmdestroy Hou Tao CVE-2017-18203 - drm: udl: Properly check framebuffer mmap offsets Greg Kroah-Hartman Orabug: 27986407 CVE-2018-8781 - kernel/exit.c: avoid...

7.8CVSS7.2AI score0.04252EPSS
Exploits18References23
CVE
CVE
added 2018/04/03 6:0 a.m.70 views

CVE-2018-4123

CVE-2018-4123 affects Apple iOS before 11.3, specifically the Clock component’s alarm/timer handling. The issue is an information-disclosure vulnerability that could allow a physically proximate attacker to obtain the iTunes email address. The root cause is described as an information-disclosure ...

2.4CVSS4.1AI score0.0038EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/06/28 12:0 a.m.57 views

Ubuntu 12.04 LTS : linux vulnerabilities (USN-3021-1)

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...

7.8CVSS6.4AI score0.04178EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2016/06/28 12:0 a.m.58 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3018-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3018-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

7.8CVSS7AI score0.05676EPSS
Exploits15References9
Tenable Nessus
Tenable Nessus
added 2016/06/28 12:0 a.m.50 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3016-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3016-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

7.8CVSS7.1AI score0.05676EPSS
Exploits15References9
Ubuntu
Ubuntu
added 2016/06/27 8:1 p.m.69 views

USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Rows per page
Query Builder