kubernetes engine vulnerabilities and exploits

NA
CVE-2018-12130

A vulnerability in the Microarchitectural Fill Buffer Data Sampling (MFBDS) of Intel microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the...

NA
CVE-2018-12127

A vulnerability in the Microarchitectural Load Port Data Sampling (MLPDS) of Intel Microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the affected...

NA
CVE-2019-11091

A vulnerability in the Microarchitectural Data Sampling Uncacheable Memory (MDSUM) of Intel microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the...

NA
CVE-2018-12126

A vulnerability in the Microarchitectural Store Buffer Data Sampling (MSBDS) of Intel Microcode could allow a local attacker to access sensitive information on a targeted system. The vulnerability is due to improper memory operations that could expose a side channel on the...

5
CVSSv2
CVE-2019-3560

An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00....

FacebookFizz
10
CVSSv2
CVE-2019-7304

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....

CanonicalUbuntu Linux
7.2
CVSSv2
CVE-2019-0797

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808....

7.2
CVSSv2
CVE-2019-0808

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797....

MicrosoftWindows 7Windows Server 2008
7.2
CVSSv2
CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent...

ApacheHttp ServerCanonicalUbuntu LinuxDebianDebian LinuxFedoraprojectFedoraOpensuseLeap
9.3
CVSSv2
CVE-2018-4415

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1....

AppleMac Os X