CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked | 53,223 with exploits | 4,686 exploited in wild | 1,539 CISA KEV | 3,912 Nuclei templates | 37,757 vendors | 42,429 researchers

130 results
CVE-2023-5366 7.1 HIGH EPSS 0.00
Openvswitch < 2023-02-28 - Data Authenticity Bypass
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.
CWE-345 Oct 06, 2023
CVE-2023-4911 7.8 HIGH KEV RANSOMWARE 25 PoCs Analysis NUCLEI EPSS 0.60
Glibc Tunables Privilege Escalation CVE-2023-4911 (aka Looney Tunables)
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CWE-122 Oct 03, 2023
CVE-2023-1668 8.2 HIGH EPSS 0.00
openvswitch - Info Disclosure
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
CWE-670 Apr 10, 2023
CVE-2022-2805 6.5 MEDIUM EPSS 0.00
ovirt-engine - Info Disclosure
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
CWE-312 Oct 19, 2022
CVE-2014-0148 5.5 MEDIUM EPSS 0.00
Qemu <2.0 - DoS
Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could use this flaw to crash the Qemu instance resulting in DoS.
CWE-835 Sep 29, 2022
CVE-2014-0147 6.2 MEDIUM EPSS 0.00
Qemu <1.6.2 - Memory Corruption
Qemu before 1.6.2 block drivers for the various disk image formats used by Bochs and for the QCOW version 2 format are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling the update_refcount() routine.
CWE-190 Sep 29, 2022
CVE-2014-0144 8.6 HIGH EPSS 0.01
QEMU <2.0.0 - Memory Corruption
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.
CWE-20 Sep 29, 2022
CVE-2022-2132 8.6 HIGH EPSS 0.01
DPDK - DoS
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
CWE-791 Aug 31, 2022
CVE-2022-0207 4.7 MEDIUM EPSS 0.00
vdsm - Info Disclosure
A race condition was found in vdsm, in the functionality to obfuscate sensitive values in log files, that may lead to values being stored in clear text.
CWE-362 Aug 26, 2022
CVE-2022-2078 5.5 MEDIUM 1 PoC Analysis EPSS 0.00
Linux Kernel < 5.19 - Buffer Overflow
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function. This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse(), causing a denial of service and possibly to run code.
CWE-121 Jun 30, 2022
CVE-2022-0435 8.8 HIGH 3 PoCs Analysis EPSS 0.54
Linux kernel - Memory Corruption
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
CWE-787 Mar 25, 2022
CVE-2022-0330 7.8 HIGH EPSS 0.00
Linux kernel's GPU i915 - Memory Corruption
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
CWE-281 Mar 25, 2022
CVE-2022-27666 7.8 HIGH 2 PoCs Analysis EPSS 0.01
Linux Kernel < 5.17 - Out-of-Bounds Write
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CWE-787 Mar 23, 2022
CVE-2021-3620 5.5 MEDIUM EPSS 0.00
Redhat Ansible Automation Platform Ea... - Error Information Exposure
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
CWE-209 Mar 03, 2022
CVE-2021-3609 7.0 HIGH 1 Writeup EPSS 0.00
Linux Kernel < 4.4.276 - Race Condition
A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
CWE-362 Mar 03, 2022
CVE-2021-3677 6.5 MEDIUM EPSS 0.00
Postgresql < 11.13 - Information Disclosure
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.
CWE-200 Mar 02, 2022
CVE-2020-25717 8.1 HIGH EPSS 0.01
Samba < 4.13.14 - Improper Input Validation
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
CWE-20 Feb 18, 2022
CVE-2021-3560 7.8 HIGH KEV 36 PoCs Analysis EPSS 0.11
polkit - Privilege Escalation
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CWE-754 Feb 16, 2022
CVE-2021-4154 8.8 HIGH 2 PoCs Analysis EPSS 0.01
Linux Kernel < 5.4.134 - Use After Free
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
CWE-416 Feb 04, 2022
CVE-2021-3621 8.8 HIGH EPSS 0.00
Fedoraproject Sssd - Command Injection
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CWE-78 Dec 23, 2021