Vulnerability & Exploit Database

Displaying entries 1 - 10 of 134986 in total

Samba CVE-2018-1140: Denial of Service Attack on DNS and LDAP server Vulnerability

  • Severity: 4
  • Published: August 16, 2018

All versions of Samba from 4.8.0 onwards are vulnerable to a denial of service attack when Samba is an Active Directory Domain Controller. Missing input sanitization checks on some of the input parameters to LDB database layer cause the LDAP server and DNS server to crash when following a NULL pointer.

SUSE: CVE-2018-3646: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: August 15, 2018

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

SUSE: CVE-2018-3620: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: August 15, 2018

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

Palo Alto Networks PAN-SA-2018-0009 (CVE-2018-10139): Cross-Site Scripting Vulnerability

  • Severity: 4
  • Published: August 15, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From PAN-SA-2018-0009:

A Cross-Site Scripting (XSS) vulnerability exists in a PAN-OS response page for GlobalProtect. (Ref. # PAN-84836; CVE-2018-10139)

HP iLO: CVE-2018-7101: Denial of Service Vulnerability

  • Severity: 4
  • Published: August 15, 2018

A potential security vulnerability has been identified in HPE Integrated Lights Out 4 and 5 (iLO 4,5). The vulnerability could be exploited remotely to allow denial of service.