Amazon Linux 2 : kernel (ALAS-2021-1588)
The version of kernel installed on the remote host is prior to 4.14.214-160.339. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1588 advisory. In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then...
8.8CVSS
7.7AI Score
0.001EPSS
Issue Overview: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c,...
8.8CVSS
7.4AI Score
0.001EPSS
Security update for the Linux Kernel (important)
An update that solves 17 vulnerabilities and has 62 fixes is now available. Description: The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2020-29568: An issue was discovered in Xen through 4.14.x. Some OSes ...
8.8CVSS
0.3AI Score
0.004EPSS
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9009)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9009 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host...
8.8CVSS
7.9AI Score
0.004EPSS
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9005)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9005 advisory. An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread....
8.8CVSS
8.1AI Score
0.004EPSS
0d1n is a tool for automating customized attacks against web applications. This tool is very fast because it uses a thread pool and the C language. ...
7.7AI Score
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
6.5AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.3AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.3AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.7AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.3AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.1AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
7.4AI Score
0.0004EPSS
Frontends can trigger OOM in Backends by update a watched path
ISSUE DESCRIPTION Some OSes (such as Linux, FreeBSD, NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbound, a guest may be able to trigger an OOM in the backend. IMPACT A...
6.5CVSS
0.8AI Score
0.0004EPSS
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an...
6.5CVSS
7.3AI Score
0.0004EPSS
Embedded TCP/IP stacks have memory corruption vulnerabilities
Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33....
9.8CVSS
7.8AI Score
0.859EPSS
8.8CVSS
8.1AI Score
0.029EPSS
Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain...
5.5CVSS
9.2AI Score
0.467EPSS
Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite
Overview Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to key overwrite, which enables an attacker to gain additional access to profiles or services that are not restricted by reducing the encryption key strength or...
5.9CVSS
6.4AI Score
0.001EPSS
Lynis 3.0.0 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
4.2CVSS
4AI Score
0.0004EPSS
IP-in-IP protocol routes arbitrary traffic by default
Overview IP Encapsulation within IP (RFC2003 IP-in-IP) can be abused by an unauthenticated attacker to unexpectedly route arbitrary network traffic through a vulnerable device. Description IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be...
5.3CVSS
0.3AI Score
0.015EPSS
Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
Overview Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations are used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. It is possible for an unauthenticated, adjacent attacker to...
5.4CVSS
0.7AI Score
0.001EPSS
Overview Bluetooth Low Energy (BLE) and Basic Rate / Enhanced Data Rate (BR/EDR) Core Configurations are used for low-power short-range communications. To establish an encrypted connection, two Bluetooth devices must pair with each other using an agreed upon Association Model. It is possible for...
6.3CVSS
0.8AI Score
0.001EPSS
-0.4AI Score
Exploit for Classic Buffer Overflow in Point-To-Point Protocol Project Point-To-Point Protocol
Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597......
9.8CVSS
10.6AI Score
0.211EPSS
7.1AI Score
Common Desktop Environment 2.3.1 / 1.6 libDtSvc Buffer Overflow Vulnerability
A difficult to exploit stack-based buffer overflow in the _DtCreateDtDirs() function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 (Update 11) and earlier may allow local users to corrupt memory and potentially execute arbitrary code in order to escalate...
7.8CVSS
0.6AI Score
0.001EPSS
0.3AI Score
0.001EPSS
Bad error path in GNTTABOP_map_grant
ISSUE DESCRIPTION Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to return 1 instead of a negative value. The grant table code in Linux treats this condition as success, and proceeds with incorrectly...
5.5CVSS
0.8AI Score
0.001EPSS
libxfont is vulnerable to arbitrary code execution. The vulnerability exists as a buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially...
3.4AI Score
0.013EPSS
openssl is vulnerable to denial of service (DoS). The vulnerability exists as a buffer over-read flaw was discovered in the way OpenSSL parsed the Certificate Status Request TLS extensions in ClientHello TLS handshake messages. A remote attacker could possibly use this flaw to crash an SSL server...
3.1AI Score
0.103EPSS
bind is vulnerable to denial of service. It was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash...
4.8AI Score
0.014EPSS
The Network Time Protocol (NTP) is vulnerable to Denial Of Service (DoS). Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled certain malformed NTP packets. ntpd logged information about all such packets and replied with an NTP packet that was treated as malformed when...
2AI Score
0.965EPSS
OpenSSL is vulnerable to denial of service (DoS). Multiple denial of service flaws were discovered in OpenSSL's DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer...
2.9AI Score
0.037EPSS
OpenSSL is vulnerable to a denial of service flaw. Flaws in OpenSSL's DTLS implementation allow a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer...
4.4AI Score
0.077EPSS
OpenSSL is vulnerable to a denial of service flaw. Flaws in OpenSSL's DTLS implementation allow a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer...
4.4AI Score
0.271EPSS
OpenSSL is vulnerable to a denial of service flaw. Flaws in OpenSSL's DTLS implementation allow a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer...
4.4AI Score
0.058EPSS
bind is vulnerable to denial of service. A flaw was found in the way BIND handles dynamic update message packets containing the "ANY" record type. A remote attacker could use this flaw to send a specially-crafted dynamic update packet that could cause named to exit with an assertion...
1.8AI Score
0.965EPSS
ntpd is vulnerable to arbitrary code execution. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request...
3.1AI Score
0.963EPSS
The Network Time Protocol (NTP) is vulnerable to Stack-based Buffer Overflow. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially-crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the...
4.5AI Score
0.043EPSS
file is vulnerable to arbitrary code execution. The vulnerability exists as the fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code...
3.7AI Score
0.049EPSS
bind is vulnerable to denial of service (DoS). The vulnerability exists as a flaw was found in the way BIND processed certain DNS query responses. On servers that had enabled DNSSEC validation, this could allow a remote attacker to cause a denial of...
5.1AI Score
0.971EPSS
Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers
The US-CERT today issued an advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux-based operating systems, as well as powers the firmware of many other networking devices. The...
9.8CVSS
1.5AI Score
0.211EPSS
pppd vulnerable to buffer overflow due to a flaw in EAP packet processing
Overview pppd (Point to Point Protocol Daemon) versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines. Description PPP is the protocol used for establishing internet...
9.8CVSS
0.5AI Score
0.211EPSS
-0.2AI Score
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Vulnerability
Exploit for hardware platform in category web...
7.1AI Score
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
SecuSTATION IPCAM-130 HD Camera - Remote Configuration...
-0.6AI Score
7.4AI Score
7.4AI Score
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Vulnerability
Exploit for hardware platform in category web...