Vulnerability & Exploit Database

Displaying all 8 entries

Results for: CVE-2019-2451 Back to search

SUSE: CVE-2019-2451: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 16, 2019

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM Virtua...

SUSE: CVE-2018-1126: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: May 23, 2018

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

SUSE: CVE-2018-1124: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 23, 2018

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

SUSE: CVE-2018-1125: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 22, 2018

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.

SUSE: CVE-2018-1123: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 22, 2018

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

SUSE: CVE-2018-1122: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: May 22, 2018

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6 Vulnerability

  • Severity: 1
  • Published: November 10, 2010

This is a placeholder for all CVEs that are not relevant for one reason or another on Red Hat Enterprise Linux 6. Oftentimes Red Hat makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability.

Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5 Vulnerability

  • Severity: 1
  • Published: March 15, 2007

This is a placeholder for all CVEs that are not relevant for one reason or another on Red Hat Enterprise Linux 5. Oftentimes Red Hat makes this determination because the affected software was shipped, built or configured in a manner that it made it invulnerable to a given vulnerability.