Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 34.9%.
steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.3%.
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Unquoted service path vulnerability in Intel Wireless Bluetooth Drivers 16.x, 17.x, and before 18.1.1607.3129 allows local users to launch processes with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SMM call out in all Intel Branded NUC Kits allows a local privileged user to access the System Management Mode and take full control of the platform. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.