- EPSS 0.45%
- Veröffentlicht 07.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:48
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and ...
CVE-2018-16878
- EPSS 0.44%
- Veröffentlicht 18.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:30
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2018-14638
- EPSS 2.65%
- Veröffentlicht 14.09.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:29
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
CVE-2018-13405
- EPSS 1.01%
- Veröffentlicht 06.07.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:47:02
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a memb...
CVE-2017-7847
- EPSS 1.65%
- Veröffentlicht 11.06.2018 21:29:12
- Zuletzt bearbeitet 21.11.2024 03:32:47
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.
CVE-2017-7829
- EPSS 1.8%
- Veröffentlicht 11.06.2018 21:29:11
- Zuletzt bearbeitet 21.11.2024 03:32:45
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbir...
CVE-2017-7824
- EPSS 3.64%
- Veröffentlicht 11.06.2018 21:29:11
- Zuletzt bearbeitet 25.11.2025 17:50:16
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Thi...
CVE-2016-9901
- EPSS 2.92%
- Veröffentlicht 11.06.2018 21:29:02
- Zuletzt bearbeitet 25.11.2025 17:50:16
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vul...
CVE-2018-1049
- EPSS 7.26%
- Veröffentlicht 16.02.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:04
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will h...
CVE-2017-10661
- EPSS 13.38%
- Veröffentlicht 19.08.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q...