CVE-2017-15129
- EPSS 0.36%
- Veröffentlicht 09.01.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:07
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in ne...
CVE-2014-1859
- EPSS 0.47%
- Veröffentlicht 08.01.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 02:05:10
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
CVE-2014-8119
- EPSS 2.67%
- Veröffentlicht 29.12.2017 22:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
CVE-2016-3695
- EPSS 0.51%
- Veröffentlicht 29.12.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelev...
- EPSS 5.5%
- Veröffentlicht 18.12.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server...
CVE-2017-15104
- EPSS 0.43%
- Veröffentlicht 18.12.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
CVE-2017-15121
- EPSS 0.4%
- Veröffentlicht 07.12.2017 02:29:13
- Zuletzt bearbeitet 13.05.2026 00:24:29
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
CVE-2017-15116
- EPSS 0.38%
- Veröffentlicht 30.11.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).
CVE-2017-15102
- EPSS 0.39%
- Veröffentlicht 15.11.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occur...
CVE-2017-1000111
- EPSS 0.37%
- Veröffentlicht 05.10.2017 01:29:04
- Zuletzt bearbeitet 13.05.2026 00:24:29
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_...