Lucene search
+L

38 matches found

nessus
nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414460 advisory. A flaw was found in the Linux kernels KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causi...

5.5CVSS6.4AI score0.00443EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-43972

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.0033EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27696

Malicious code in bioql PyPI...

6.7CVSS6.7AI score0.00221EPSS
Exploits0References1
redhat
redhat
added 2024/04/02 5:26 p.m.5 views

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

6.3CVSS6.6AI score0.00613EPSS
Exploits0References4
nvd
nvd
added 2023/12/19 11:15 p.m.29 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.8CVSS0.00483EPSS
Exploits2References3
osv
osv
added 2023/09/01 9:15 p.m.7 views

AZL-43453 CVE-2023-3297 affecting package accountsservice 0.6.55-4

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process...

7.8CVSS5.8AI score0.0033EPSS
Exploits1References1
cnnvd
cnnvd
added 2023/08/22 12:0 a.m.6 views

ASUSTOR Data Master 安全漏洞

ASUSTOR Data Master is a specialized operating system on ASUSTOR NAS from ASUS, China. An authorization issue vulnerability exists in ASUSTOR Data Master, which arises from improper privilege management and can be exploited by an unprivileged local attacker to modify the storage device...

8.7CVSS6.6AI score0.00145EPSS
Exploits0References2
f5
f5
added 2023/02/21 6:7 p.m.34 views

K04327111: Linux kernel vulnerability CVE-2019-3896

Security Advisory Description A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service DoS. CVE-2019-3896 Impact Traffix SDC An attacker may cause...

7.8CVSS7AI score0.00417EPSS
Exploits0
cnnvd
cnnvd
added 2022/12/14 12:0 a.m.2 views

IBM AIX 安全漏洞

IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. IBM AIX suffers from a denial-of-service vulnerability that can be exploited by unprivileged local attackers to cause a denial of service...

6.2CVSS6.2AI score0.00185EPSS
Exploits0References4
mscve
mscve
added 2022/09/07 7:0 a.m.6 views

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls causing a kernel oops condition that results in a denial of service.

...

5.5CVSS7AI score0.00443EPSS
Exploits1
osv
osv
added 2022/08/31 4:15 p.m.8 views

AZL-10794 CVE-2022-2153 affecting package kernel for versions less than 5.15.67.1-4

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...

5.5CVSS6.7AI score0.00443EPSS
Exploits1References1
osv
osv
added 2022/08/31 4:15 p.m.2 views

DEBIAN-CVE-2022-2153

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...

5.5CVSS5.8AI score0.00443EPSS
Exploits1References1
cvelist
cvelist
added 2022/08/31 3:33 p.m.32 views

CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

6.1AI score0.00419EPSS
Exploits1References4
cve
cve
added 2022/08/31 12:0 a.m.311 views

CVE-2022-2153

CVE-2022-2153 is a vulnerability in the Linux kernel’s KVM related to setting a SynIC IRQ. The issue allows a misbehaving VMM to write to SYNIC/STIMER MSRs, which can cause a NULL pointer dereference and a kernel oops, enabling an unprivileged local attacker on the host to trigger a denial of ser...

5.5CVSS5.8AI score0.00443EPSS
Exploits1References7Affected Software1
cvelist
cvelist
added 2022/04/12 5:50 p.m.20 views

CVE-2022-22550

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over...

6.7CVSS6.6AI score0.00221EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2022/04/08 12:0 a.m.21 views

CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

5.5CVSS6.8AI score0.00419EPSS
Exploits1References4
nvd
nvd
added 2022/03/10 5:44 p.m.23 views

CVE-2021-4095

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl. This fl...

5.5CVSS0.00387EPSS
Exploits1References4
cvelist
cvelist
added 2022/03/08 2:5 p.m.29 views

CVE-2021-4095

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl. This fl...

5.7AI score0.00387EPSS
Exploits1References4
nvd
nvd
added 2022/02/16 7:15 p.m.29 views

CVE-2021-3560

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this...

7.8CVSS0.22193EPSS
Exploits37References5
nessus
nessus
added 2022/02/13 12:0 a.m.40 views

EulerOS Virtualization 3.0.6.0 : polkit (EulerOS-SA-2022-1090)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of th...

7.8CVSS7.8AI score0.22193EPSS
Exploits37References2
Rows per page
Query Builder