matthew daley vulnerabilities and exploits

(subscribe to this query)

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel up to and including 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system ...

Linux Linux Kernel Fedoraproject Fedora 20 Oracle Linux 5

drivers/vhost/net.c in the Linux kernel prior to 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via ...

Linux Linux Kernel

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package prior to 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host O...

Redhat Enterprise Linux 6.0

The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which causes a mutex to be...

Use-after-free vulnerability in nginx prior to 1.0.14 and 1.1.x prior to 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.

F5 Nginx Fedoraproject Fedora 15 Fedoraproject Fedora 16 Fedoraproject Fedora 17 Debian Debian Linux 6.0

The resolve_redirects function in sessions.py in requests 2.1.0 up to and including 2.5.3 allows remote malicious users to conduct session fixation attacks via a cookie without a host value in a redirect.

Mageia Project Mageia 4.0 Python Requests 2.1.0 Python Requests 2.2.1 Python Requests 2.3.0 Python Requests 2.4.1 Python Requests 2.4.3 Python Requests 2.5.0 Python Requests 2.5.1 Python Requests 2.5.2 Python Requests 2.4.0 Python Requests 2.4.2 Python Requests 2.5.3 Canonical Ubuntu Linux 14.10 Canonical Ubuntu Linux 14.04

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_de...

Xen Xen 4.0.0 Xen Xen 4.1.0 Xen Xen 4.2.0 Citrix Xenserver

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel prior to 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table ...

Linux Linux Kernel Canonical Ubuntu Linux 14.04 Debian Debian Linux 7.0

The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 de...

Citrix Xenserver Xen Xen 4.0.0 Xen Xen 4.1.0 Xen Xen 4.2.0

EmbedThis GoAhead 3.0.0 up to and including 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote malicious users to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbi...

Embedthis Goahead 3.0.0 Embedthis Goahead 3.3.2 Embedthis Goahead 3.3.1 Embedthis Goahead 3.4.0 Embedthis Goahead 3.3.6 Embedthis Goahead 3.3.5 Embedthis Goahead 3.3.4 Embedthis Goahead 3.3.3

1 Github repository

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook