Lucene search

K

CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, Security Vulnerabilities

nessus
nessus

Huawei CloudEngine Switch Security Bypass (HWPSIRT-2013-1256)

The remote host is a Huawei switch running a firmware version that is affected by a security bypass vulnerability due to a failure of access control. An authenticated attacker can exploit this vulnerability to execute commands with higher-level...

0.4AI Score

EPSS

2014-08-22 12:00 AM
20
zdt
zdt

ManageEngine Desktop Central / Password Manager Pro / IT360 SQL Injection

ManageEngine Desktop Central, Password Manager Pro, and IT360 suffer from remote blind SQL injection vulnerabilities. Metasploit module...

0.5AI Score

0.949EPSS

2014-08-20 12:00 AM
56
packetstorm

0.5AI Score

0.949EPSS

2014-08-20 12:00 AM
53
openvas
openvas

Ubuntu: Security Advisory (USN-2310-1)

The remote host is missing an update for...

7.6AI Score

0.956EPSS

2014-08-12 12:00 AM
10
nessus
nessus

Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2310-1)

It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-1016) It was discovered that Kerberos incorrectly...

7.8AI Score

0.956EPSS

2014-08-12 12:00 AM
8
ubuntu
ubuntu

Kerberos vulnerabilities

Releases Ubuntu 14.04 ESM Ubuntu 12.04 Ubuntu 10.04 Packages krb5 - MIT Kerberos Network Authentication Protocol Details It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a...

8.7AI Score

0.956EPSS

2014-08-11 12:00 AM
41
openvas
openvas

Fedora Update for krb5 FEDORA-2014-8176

The remote host is missing an update for...

7.1AI Score

0.936EPSS

2014-08-08 12:00 AM
10
fedora
fedora

[SECURITY] Fedora 19 Update: krb5-1.11.3-24.fc19

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted...

3.1AI Score

0.936EPSS

2014-08-07 03:27 PM
10
seebug

7.1AI Score

2014-07-01 12:00 AM
14
seebug

7.1AI Score

2014-07-01 12:00 AM
27
seebug
seebug

Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
12
seebug

7.1AI Score

2014-07-01 12:00 AM
9
seebug
seebug

WinVNC Web Server <= 3.3.3r7 - GET Overflow

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
8
seebug

7.1AI Score

2014-07-01 12:00 AM
5
seebug
seebug

Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
8
seebug
seebug

BEA Weblogic Transfer-Encoding Buffer Overflow

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
7
nessus
nessus

Fedora 20 : python-2.7.5-13.fc20 (2014-7800)

Fix for CVE-2014-4616 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.9CVSS

-0.7AI Score

0.003EPSS

2014-07-01 12:00 AM
14
seebug

7.1AI Score

2014-07-01 12:00 AM
8
openvas
openvas

Fedora Update for python FEDORA-2014-7800

The remote host is missing an update for...

5.9CVSS

6.2AI Score

0.003EPSS

2014-07-01 12:00 AM
7
seebug

7.1AI Score

2014-07-01 12:00 AM
9
nessus
nessus

GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)

The remote host is affected by the vulnerability described in GLSA-201406-32 (IcedTea JDK: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly...

9.1CVSS

1.9AI Score

EPSS

2014-06-30 12:00 AM
31
gentoo
gentoo

IcedTea JDK: Multiple vulnerabilities

Background IcedTea is a distribution of the Java OpenJDK source code built with free build tools. Description Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute...

9.1CVSS

9.5AI Score

EPSS

2014-06-29 12:00 AM
37
nessus
nessus

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:1663-1)

Update to icedtea 2.4.3 (bnc#846999) synchronized OpenJDK 7 support with the upstream u45 b31 fixes the following issues : S8006900, CVE-2013-3829: Add new date/time capability S8008589: Better MBean permission validation S8011071, CVE-2013-5780: Better crypto provider handling S8011081,...

0.1AI Score

0.143EPSS

2014-06-13 12:00 AM
22
nessus
nessus

IBM Domino 8.0.x / 8.5.x / 9.0.x with IBM Java < 1.6 SR15 FP1 Multiple Vulnerabilities (credentialed check)

The remote host has a version of IBM Domino (formerly Lotus Domino) 8.0.x / 8.5.x / 9.0.x that is bundled with an IBM Java version prior to 1.6 SR15 FP1. It is, therefore, affected by the vulnerabilities mentioned in the Oracle Java Critical Patch Update advisories for October 2013 and January...

0.6AI Score

0.433EPSS

2014-05-12 12:00 AM
79
nessus
nessus

IBM Domino 9.x < 9.0.1 Fix Pack 1 Multiple Vulnerabilities (uncredentialed check)

According to its version, the IBM Domino (formerly IBM Lotus Domino) on the remote host is 9.x prior to 9.0.1 Fix Pack 1 (FP1). It is, therefore, affected by the following vulnerabilities : A stack overflow issue exists due to the insecure '-z execstack' flag being used during compilation,...

0.8AI Score

0.433EPSS

2014-05-12 12:00 AM
176
nessus
nessus

IBM Notes 8.0.x / 8.5.x / 9.0.x with IBM Java < 1.6 SR15 FP1 Multiple Vulnerabilities

The remote host has a version of IBM Notes (formerly Lotus Notes) 8.0.x / 8.5.x / 9.0.x that is bundled with an IBM Java version prior to 1.6 SR15 FP1. It is, therefore, affected by the vulnerabilities mentioned in the Oracle Java Critical Patch Update advisories for October 2013 and January...

0.6AI Score

0.433EPSS

2014-05-12 12:00 AM
343
nessus
nessus

TigerVNC < 1.3.1 ZRLE Heap-based Buffer Overflow

According to its self-identified version number, the TigerVNC install hosted on the remote web server is affected by a heap-based buffer overflow vulnerability. A flaw exists when performing bounds check during ZRLE decoding. This could allow a remote attacker with a malicious server and a...

9.8CVSS

0.1AI Score

0.003EPSS

2014-04-04 12:00 AM
15
jvn
jvn

JVN#81739241: sp mode mail issue when accessing attachments in incoming mail

sp mode mail provided by NTT DOCOMO contains a function that allows other Android applications to access attachments for incoming emails. This function contains an issue in the restriction of access permissions. ## Impact If a malicious Android application is installed on the device, attachments...

6.4AI Score

0.001EPSS

2014-03-18 12:00 AM
13
jvn
jvn

JVN#05951929: sp mode mail issue where emails in the process of creation may be accessed

sp mode mail provided by NTT DOCOMO contains an application link interface so that mail data can be exchanged with external application during email creation. When the application to be linked is selected, the email contents and attachment are saved to the SD card, therefore other Android...

6.4AI Score

0.001EPSS

2014-03-18 12:00 AM
16
nessus
nessus

GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)

The remote host is affected by the vulnerability described in GLSA-201401-30 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact : An...

1AI Score

0.975EPSS

2014-01-27 12:00 AM
68
gentoo
gentoo

Oracle JRE/JDK: Multiple vulnerabilities

Background The Oracle Java Development Kit (JDK) (formerly known as Sun JDK) and the Oracle Java Runtime Environment (JRE) (formerly known as Sun JRE) provide the Oracle Java platform (formerly known as Sun Java Platform). Description Multiple vulnerabilities have been reported in the Oracle Java.....

8.3AI Score

0.975EPSS

2014-01-27 12:00 AM
65
openvas
openvas

Ubuntu Update for openjdk-7 USN-2089-1

Check for the Version of...

0.4AI Score

0.433EPSS

2014-01-27 12:00 AM
16
openvas
openvas

Ubuntu: Security Advisory (USN-2089-1)

The remote host is missing an update for...

6.8AI Score

0.433EPSS

2014-01-27 12:00 AM
38
nessus
nessus

Ubuntu 12.10 / 13.04 / 13.10 : openjdk-7 vulnerabilities (USN-2089-1)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804, CVE-2014-0411) Several vulnerabilities were discovered in the...

6.1AI Score

0.433EPSS

2014-01-24 12:00 AM
25
ubuntu
ubuntu

OpenJDK 7 vulnerabilities

Releases Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Packages openjdk-7 - Open Source Java implementation Details Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the...

7.1AI Score

0.433EPSS

2014-01-23 12:00 AM
61
exploitdb

7.4AI Score

EPSS

2014-01-14 12:00 AM
16
exploitpack
exploitpack

Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data Disclosure

Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data...

AI Score

2014-01-14 12:00 AM
11
seebug
seebug

Huawei CloudEngine系列交换机安全绕过漏洞

BUGTRAQ ID: 64634 CloudEngine系列是华为公司面向下一代数据中心和高端园区推出的“云”级高性能交换机。 Huawei CloudEngine系列交换机的HWTACACS模块在实现上存在多个安全限制绕过漏洞。若攻击者拥有低权限的用户名称和密码并能够登录受影响设备,则可以利用这些漏洞绕过服务器身份验证检查,提升用户权限并执行任意命令。 0 Huawei CloudEngine Series Switches CE6800 Huawei CloudEngine Series Switches CE5800 Huawei CloudEngine Series...

6.9AI Score

2014-01-03 12:00 AM
14
huawei
huawei

Security Advisory-A Vulnerability on the HWTACACS Authorization Module of the CloudEngine

The HWTACACS modules of some Huawei CloudEngine series switches have vulnerabilities. Attackers can execute the commands that can be used by users with higher-level permissions by bypass the right check of HWTACACS server. (HWPSIRT-2013-1256). This Vulnerability has been assigned Common...

6.7AI Score

EPSS

2013-12-28 12:00 AM
19
nessus
nessus

GLSA-201312-12 : MIT Kerberos 5: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201312-12 (MIT Kerberos 5: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Key Distribution Center in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. ...

1.4AI Score

0.956EPSS

2013-12-17 12:00 AM
10
gentoo
gentoo

MIT Kerberos 5: Multiple vulnerabilities

Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. Description Multiple vulnerabilities have been discovered in the Key Distribution Center in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

7.4AI Score

0.956EPSS

2013-12-16 12:00 AM
17
aix
aix

Multiple Java vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IBM SECURITY ADVISORY First Issued: Wed Dec 11 10:53:34 CST 2013 | Updated: Mon Feb 3 10:36:58 CST 2014 | Updated: Sections II and III modifications | Updated: Includes VIOS The most recent version of this document is available here:...

8.2AI Score

0.143EPSS

2013-12-11 10:53 AM
49
securityvulns
securityvulns

Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities

Quarterly update fixes over 130 vulnerabilities in different...

2.1AI Score

0.974EPSS

2013-12-09 12:00 AM
25
openvas
openvas

Fedora Update for krb5 FEDORA-2013-21786

The remote host is missing an update for...

6.6AI Score

0.936EPSS

2013-12-04 12:00 AM
7
openvas
openvas

Fedora Update for krb5 FEDORA-2013-21786

Check for the Version of...

AI Score

0.936EPSS

2013-12-04 12:00 AM
20
fedora
fedora

[SECURITY] Fedora 19 Update: krb5-1.11.3-13.fc19

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted...

3.1AI Score

0.936EPSS

2013-12-03 10:37 AM
13
suse
suse

Security update for IBM Java 7 (important)

IBM Java 7 SR6 has been released and fixes lots of bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ ...

0.5AI Score

0.143EPSS

2013-11-22 08:04 AM
24
nessus
nessus

SuSE 11.2 / 11.3 Security Update : IBM Java 7 (SAT Patch Numbers 8565 / 8566)

IBM Java 7 SR6 has been released and fixes lots of bugs and security issues. More information can be found on:...

0.7AI Score

0.143EPSS

2013-11-21 12:00 AM
120
nessus
nessus

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:267)

Updated java-1.7.0-openjdk packages fix security vulnerabilities : Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the.....

1AI Score

0.143EPSS

2013-11-20 12:00 AM
20
suse
suse

Security update for Java 6 (important)

IBM Java 6 SR15 has been released which fixes lots of bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ ...

0.4AI Score

0.143EPSS

2013-11-19 12:04 AM
22
Total number of security vulnerabilities1776