Vulnerability & Exploit Database

Displaying entries 1 - 10 of 12 in total

Results for: CVE-2018-1308 Back to search

Huawei EulerOS: CVE-2018-12015: perl security update Vulnerability

  • Severity: 6
  • Published: June 07, 2018

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

Debian: CVE-2018-1308: lucene-solr -- security update Vulnerability

  • Severity: 5
  • Published: April 09, 2018

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network.

SUSE: CVE-2018-7550: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: March 01, 2018

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.

SUSE: CVE-2018-5683: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 23, 2018

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

SUSE: CVE-2017-18030: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 23, 2018

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

SUSE: CVE-2017-5715: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 04, 2018

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

SUSE: CVE-2017-7308: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: March 29, 2017

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

Red Hat: CVE-2017-7308: Important: kernel-rt security and bug fix update (Multiple Advisories) Vulnerability

  • Severity: 7
  • Published: March 29, 2017

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

Oracle Linux: (CVE-2017-7308) (Multiple Advisories): kernel security and bug fix update Vulnerability

  • Severity: 7
  • Published: March 29, 2017

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

Amazon Linux AMI: CVE-2017-7308: Security patch for kernel (ALAS-2017-828) Vulnerability

  • Severity: 7
  • Published: March 29, 2017

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.