Vulnerability & Exploit Database

Displaying entries 191 - 200 of 136716 in total

Amazon Linux AMI: CVE-2018-14634: Security patch for kernel (ALAS-2018-1087) Vulnerability

  • Severity: 4
  • Published: September 26, 2018

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

Alpine Linux: CVE-2018-16152: strongswan Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: September 26, 2018

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public expone...

Alpine Linux: CVE-2018-16151: strongswan Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: September 26, 2018

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.param...

SUSE: CVE-2018-16588: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: September 25, 2018

Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are w...