exploit the possibilities
Showing 1 - 25 of 30 RSS Feed

CVE-2018-1093

Status Candidate

Overview

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.

Related Files

Red Hat Security Advisory 2019-3673-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3673-01 - The lldpad packages provide the Linux user space daemon and configuration tool for Intel's Link Layer Discovery Protocol Agent with Enhanced Ethernet support. An improper sanitization issue was addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-10932
SHA-256 | e7e595745f0998806ec07b2bc2b8ba088d60bccfb92da62bc5ad78814a43f171
Red Hat Security Advisory 2019-1162-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1162-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | c7d1940fd728b415f110e72909845b2271eb585cf3fe1c0022cb42c5baba4e0e
Red Hat Security Advisory 2019-1160-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1160-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 3a5c07b7f4dc0c1d0e83e80c108f16d7d04eb6c1b01ece3a5004980feb6ad6a1
Red Hat Security Advisory 2019-1161-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1161-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | de8411e9560c197b8de7528b762568e5f5c3aa978f3a5f13cf46e86c2003548d
Red Hat Security Advisory 2019-1159-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1159-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.22 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.21, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-8034
SHA-256 | 53067ef42952a1e99d1aba18ee49ae76fe735209c653df2c3a7195c682804794
Gentoo Linux Security Advisory 201904-06
Posted Apr 2, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-6 - Multiple vulnerabilities have been found in GlusterFS, the worst of which could result in the execution of arbitrary code. Versions less than 4.1.8 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-10841, CVE-2018-1088, CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10924, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-14651, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661
SHA-256 | 043fd8e80fc0cf57260f877078d16e4c53b33b4af150e6f0c8c6dc52016164d4
Red Hat Security Advisory 2019-0364-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0364-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | a228d9418494e5a5cd97d703c55108239e82d26c2deebf111ebb52fd2adf1aec
Red Hat Security Advisory 2019-0362-01
Posted Feb 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0362-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 09b757ecbeea503e2e2dd6f7ac771af07bbaed81be2e458c03e54c8290188e5d
Red Hat Security Advisory 2019-0380-01
Posted Feb 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0380-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.6 serves as a replacement for Red Hat Single Sign-On 7.2.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 32aad9996df6400db8adadb3fa8c9c6302bbd9bc31c388eac459b86318d6202a
Red Hat Security Advisory 2019-0365-01
Posted Feb 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0365-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2018-1000632, CVE-2018-10934, CVE-2018-14642
SHA-256 | 6e0db3fe2f3f38836bb6573608efad79fe56089340c18ecdc05321a13b97597d
LibSSH 0.7.6 / 0.8.4 Unauthorized Access
Posted Feb 3, 2019
Authored by JAS502N

LibSSH versions 0.7.6 and 0.8.4 unauthorized access proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2018-10933
SHA-256 | c5b8fd0e5cbaa3811a98a28383bb380c8a42e3dea1a7a2195ac4e5790302813f
Red Hat Security Advisory 2018-3470-01
Posted Nov 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3470-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, deserialization, and format string vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-10858, CVE-2018-10873, CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, CVE-2018-14652, CVE-2018-14653, CVE-2018-14654, CVE-2018-14659, CVE-2018-14660, CVE-2018-14661
SHA-256 | 9e8155ff0d32478283821315ef01b373ffb94a7f3e9c04679d7c9bfd1ff773d5
Ubuntu Security Notice USN-3797-2
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3797-2 - USN-3797-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-10938, CVE-2018-14734, CVE-2018-16658, CVE-2018-9363
SHA-256 | fcfe969ee2f2de30c48af096d0d90e976029649357ff3de4385bb752f9ff023a
Ubuntu Security Notice USN-3797-1
Posted Oct 23, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3797-1 - Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service. It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kernel. A local attacker could use this to expose sensitive information. It was discovered that an integer overflow existed in the HID Bluetooth implementation in the Linux kernel that could lead to a buffer overwrite. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-10938, CVE-2018-14734, CVE-2018-16658, CVE-2018-9363
SHA-256 | 238ceea5929a80898d5da54f43ed9ee667e49e84560780dbb617b5dff7489b20
Ubuntu Security Notice USN-3795-2
Posted Oct 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3795-2 - USN-3795-1 fixed a vulnerability in libssh. This update provides the corresponding update for Ubuntu 18.10. Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-10933
SHA-256 | 070f9eac6dd5b461646ba1be186066891ca7d42693547ae77fcc1dbac0b10ead
libSSH Authentication Bypass
Posted Oct 19, 2018
Authored by Dayanc Soyadli

libSSH suffers from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-10933
SHA-256 | 6bcffb74a9c2f6e6896ef61d538f794814156c05eda4456a642ba4d74d440fe2
Ubuntu Security Notice USN-3795-1
Posted Oct 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3795-1 - Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-10933
SHA-256 | 0e050a6a0d7cf6f0174602482b0eb22f9ad32c0f80e78085e68ea3b88ae8b752
Debian Security Advisory 4308-1
Posted Oct 2, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4308-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2018-10902, CVE-2018-10938, CVE-2018-13099, CVE-2018-14609, CVE-2018-14617, CVE-2018-14633, CVE-2018-14678, CVE-2018-14734, CVE-2018-15572, CVE-2018-15594, CVE-2018-16276, CVE-2018-16658, CVE-2018-17182, CVE-2018-6554, CVE-2018-6555, CVE-2018-7755, CVE-2018-9363, CVE-2018-9516
SHA-256 | a9488a1ec49d402caeb675f06f2c3bfc5c6485d76c3af54ee57d369cf63de403
Red Hat Security Advisory 2018-2757-01
Posted Sep 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2757-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-10850, CVE-2018-10935, CVE-2018-14624, CVE-2018-14638
SHA-256 | ebc2c485eac5e96a5ec19794c9c43a5b4e7aee4c30f1a0fff67a7a95a75f23cb
Red Hat Security Advisory 2018-2607-01
Posted Sep 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2607-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, deserialization, local file inclusion, and remote file inclusion vulnerabilities.

tags | advisory, remote, denial of service, overflow, local, vulnerability, file inclusion
systems | linux, redhat
advisories | CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930
SHA-256 | 1869d3dbb0d19201b396114a7ac010439cd91183d33b11fbfc38ece6f506392a
Red Hat Security Advisory 2018-2608-01
Posted Sep 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2608-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, and deserialization vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-10904, CVE-2018-10907, CVE-2018-10911, CVE-2018-10913, CVE-2018-10914, CVE-2018-10923, CVE-2018-10926, CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930
SHA-256 | dbc1eee9743f4815426c0555b3ae9015f27350b74fb56d7d1bb32c22f9a3a6ae
Ubuntu Security Notice USN-3752-3
Posted Aug 29, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-3 - It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | df405822058b07d43330a4315ada3e76a4b71ec3918d891cc128c577470eaa65
Ubuntu Security Notice USN-3752-2
Posted Aug 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-2 - USN-3752-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | f7a708d43dc8fc39287ba0870edf14e6d0ec3a7b3c72bc9ee988c9562a349836
Ubuntu Security Notice USN-3752-1
Posted Aug 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3752-1 - It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1000200, CVE-2018-1000204, CVE-2018-10323, CVE-2018-10840, CVE-2018-10881, CVE-2018-1093, CVE-2018-1108, CVE-2018-1120, CVE-2018-11412, CVE-2018-11506, CVE-2018-12232, CVE-2018-12233, CVE-2018-12904, CVE-2018-13094, CVE-2018-13405, CVE-2018-13406, CVE-2018-5814, CVE-2018-9415
SHA-256 | c7a9f122697774982780879f9c8d3a59d9eae1e54b93440f77d25f92ab601153
Red Hat Security Advisory 2018-2372-01
Posted Aug 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2372-01 - Cobbler is a network install server. Cobbler supports PXE, virtualized installs, and re-installing existing Linux machines. Cobbler has a XMLRPC API for integration with other applications. Issues addressed include a method disclosure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10931
SHA-256 | 5e102b6d7009188abe113a563bfde8a621677eef7808d531c0f59470391d2215
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close