Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2023/05/30 11:12 p.m.33 views

CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

4.4CVSS5.7AI score0.00023EPSS
Exploits0References7
Rosalinux
Rosalinuxadded 2021/07/02 4:31 p.m.23 views

Advisory ROSA-SA-2021-1804

Software: accountservice 0.6.50 OS: Cobalt 7.9 CVE-ID: CVE-2020-16126 CVE-Crit: LOW CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService,...

5.5CVSS6.8AI score0.01989EPSS
Exploits3
Cvelist
Cvelistadded 2020/12/03 11:15 p.m.16 views

CVE-2020-16123 Bypass of snapd pulseaudio restrictions

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...

4.4CVSS4.5AI score0.00086EPSS
Exploits1References2
UbuntuCve
UbuntuCveadded 2020/11/23 5:0 p.m.19 views

CVE-2020-16123

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...

4.7CVSS5.9AI score0.00086EPSS
Exploits1References2
OSV
OSVadded 2020/11/11 4:15 a.m.1 views

CVE-2020-16127

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...

5.5CVSS6.5AI score0.00172EPSS
Exploits2References1
UbuntuCve
UbuntuCveadded 2020/11/03 12:0 a.m.30 views

CVE-2020-16126

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion...

3.3CVSS6.5AI score0.01989EPSS
Exploits2References3
UbuntuCve
UbuntuCveadded 2020/08/04 5:0 p.m.17 views

CVE-2020-15704

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

5.5CVSS6.2AI score0.00105EPSS
Exploits0References3
Rows per page
Query Builder