Vulnerabilidades en [UNKNOWN]
240 resultadosCVE-2019-3832LOWIt was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_writEPSS 0.5%CVE-2017-7519LOWIn Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service usinEPSS 0.5%CVE-2016-7076MEDIUMsudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C libraEPSS 0.5%CVE-2018-10874HIGHIn ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacEPSS 0.5%CVE-2018-10905HIGHCloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with accEPSS 0.5%CVE-2017-7482HIGHIn the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This EPSS 0.5%CVE-2019-10145HIGHrkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` do not havEPSS 0.5%CVE-2020-10726MEDIUMA vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sEPSS 0.5%CVE-2019-10144HIGHrkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are given EPSS 0.5%CVE-2020-1712HIGHA heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handEPSS 0.5%CVE-2019-19338MEDIUMA flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculativEPSS 0.5%CVE-2019-10147MEDIUMrkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are not liEPSS 0.5%CVE-2018-14662LOWIt was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used EPSS 0.4%CVE-2018-14650MEDIUMIt was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tEPSS 0.4%CVE-2018-14619MEDIUMA flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when eachEPSS 0.4%CVE-2018-16867HIGHA flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usEPSS 0.4%CVE-2017-7500HIGHIt was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changinEPSS 0.4%CVE-2018-14646MEDIUMThe Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the EPSS 0.4%CVE-2018-10846MEDIUMA cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker coulEPSS 0.4%CVE-2019-3830MEDIUMA vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuratiEPSS 0.4%