CVE-2015-9261
- EPSS 2.37%
- Veröffentlicht 26.07.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 02:40:11
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
CVE-2017-12150
- EPSS 13.33%
- Veröffentlicht 26.07.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:08:56
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in pl...
CVE-2018-10876
- EPSS 0.77%
- Veröffentlicht 26.07.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:11
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.
CVE-2018-10878
- EPSS 0.75%
- Veröffentlicht 26.07.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:12
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
CVE-2018-10879
- EPSS 0.86%
- Veröffentlicht 26.07.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:12
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
CVE-2018-10881
- EPSS 0.77%
- Veröffentlicht 26.07.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:12
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
CVE-2018-0618
- EPSS 2.05%
- Veröffentlicht 26.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:35
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-12163
- EPSS 7.59%
- Veröffentlicht 26.07.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:08:57
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to ...
CVE-2017-7558
- EPSS 3.76%
- Veröffentlicht 26.07.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:32:09
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in ...
CVE-2018-10900
- EPSS 5.06%
- Veröffentlicht 26.07.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:15
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an ...