CVE-2018-16877
- EPSS 0.4%
- Veröffentlicht 18.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:30
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
CVE-2018-16878
- EPSS 0.44%
- Veröffentlicht 18.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:30
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2019-3883
- EPSS 8.43%
- Veröffentlicht 17.04.2019 14:29:03
- Zuletzt bearbeitet 21.11.2024 04:42:47
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are ...
CVE-2019-3459
- EPSS 1.83%
- Veröffentlicht 11.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:05
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-3460
- EPSS 1.83%
- Veröffentlicht 11.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:05
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2019-3837
- EPSS 0.24%
- Veröffentlicht 11.04.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:39
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabl...
- EPSS 1.22%
- Veröffentlicht 09.04.2019 21:29:03
- Zuletzt bearbeitet 21.11.2024 04:42:40
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable wh...
CVE-2019-3880
- EPSS 3.39%
- Veröffentlicht 09.04.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:47
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation...
CVE-2019-3887
- EPSS 0.36%
- Veröffentlicht 09.04.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:48
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled....
CVE-2019-0757
- EPSS 2.7%
- Veröffentlicht 09.04.2019 02:29:00
- Zuletzt bearbeitet 21.11.2024 04:17:13
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.