Lucene search

K

DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660, Security Vulnerabilities

nessus
nessus

Fedora 21 : xen-4.4.1-9.fc21 (2014-15951)

Excessive checking in compatibility mode hypercall argument translation, Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor, fix segfaults and failures in xl migrate --debug Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on...

0.3AI Score

0.006EPSS

2014-12-15 12:00 AM
13
fedora
fedora

[SECURITY] Fedora 19 Update: xen-4.2.5-6.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-12 04:36 AM
9
fedora
fedora

[SECURITY] Fedora 20 Update: xen-4.3.3-6.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-12 04:30 AM
13
fedora
fedora

[SECURITY] Fedora 21 Update: xen-4.4.1-9.fc21

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-12 04:01 AM
14
openvas
openvas

Fedora Update for xen FEDORA-2014-15995

Check the version of...

6.7AI Score

0.006EPSS

2014-12-12 12:00 AM
10
openvas
openvas

Fedora Update for xen FEDORA-2014-16017

Check the version of...

6.7AI Score

0.006EPSS

2014-12-12 12:00 AM
6
openvas
openvas

Fedora Update for xen FEDORA-2014-15503

Check the version of...

6.7AI Score

0.006EPSS

2014-12-02 12:00 AM
6
openvas
openvas

Fedora Update for xen FEDORA-2014-15521

Check the version of...

6.7AI Score

0.006EPSS

2014-12-02 12:00 AM
13
nessus
nessus

Fedora 19 : xen-4.2.5-5.fc19 (2014-15503)

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...

0.5AI Score

0.006EPSS

2014-12-02 12:00 AM
11
nessus
nessus

Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...

0.5AI Score

0.006EPSS

2014-12-02 12:00 AM
10
fedora
fedora

[SECURITY] Fedora 20 Update: xen-4.3.3-5.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-01 07:01 PM
13
fedora
fedora

[SECURITY] Fedora 19 Update: xen-4.2.5-5.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-01 07:01 PM
9
nvd
nvd

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.4AI Score

0.027EPSS

2014-11-25 03:59 PM
cve
cve

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.5AI Score

0.027EPSS

2014-11-25 03:59 PM
23
prion
prion

Code injection

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.8AI Score

0.027EPSS

2014-11-25 03:59 PM
5
cvelist
cvelist

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.4AI Score

0.027EPSS

2014-11-25 03:00 PM
debiancve
debiancve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

3.7AI Score

0.003EPSS

2014-11-24 03:59 PM
9
cve
cve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.2AI Score

0.003EPSS

2014-11-24 03:59 PM
32
nvd
nvd

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.3AI Score

0.003EPSS

2014-11-24 03:59 PM
prion
prion

Code injection

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.8AI Score

0.003EPSS

2014-11-24 03:59 PM
8
cvelist
cvelist

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6AI Score

0.003EPSS

2014-11-24 03:00 PM
ubuntucve
ubuntucve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. Bugs ...

2.4AI Score

0.003EPSS

2014-11-24 12:00 AM
13
zdi
zdi

Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Dell SonicWALL Global Management System (GMS) virtual appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the GMS ViewPoint (GMSVP) web...

7.2AI Score

0.027EPSS

2014-11-21 12:00 AM
18
xen
xen

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling

ISSUE DESCRIPTION An error handling path in the processing of MMU_MACHPHYS_UPDATE failed to drop a page reference which was acquired in an earlier processing step. IMPACT Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack.....

6.2AI Score

0.003EPSS

2014-11-20 04:26 PM
31
nvd
nvd

CVE-2014-8660

SAP Document Management Services allows local users to execute arbitrary commands via unspecified...

7.2AI Score

0.0004EPSS

2014-11-06 03:55 PM
1
cve
cve

CVE-2014-8660

SAP Document Management Services allows local users to execute arbitrary commands via unspecified...

7.4AI Score

0.0004EPSS

2014-11-06 03:55 PM
16
prion
prion

Command injection

SAP Document Management Services allows local users to execute arbitrary commands via unspecified...

7.7AI Score

0.0004EPSS

2014-11-06 03:55 PM
2
cvelist
cvelist

CVE-2014-8660

SAP Document Management Services allows local users to execute arbitrary commands via unspecified...

7.2AI Score

0.0004EPSS

2014-11-06 03:00 PM
huawei
huawei

Security Advisory-9 OpenSSL vulnerabilities on Huawei products

This security advisory (SA) describes the impact of 9 OpenSSL vulnerabilities discovered in third-party software. (Vulnerability ID: HWPSIRT-2014-0816) These vulnerabilities are referenced in this document as follows: 1.Information leak in pretty printing functions (CVE-2014-3508). A flaw in...

1AI Score

0.928EPSS

2014-10-08 12:00 AM
37
threatpost
threatpost

Twitter Files Suit Over Government Restrictions on National Security Letter Data

Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free...

0.2AI Score

2014-10-07 02:16 PM
8
seebug
seebug

Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
15
seebug
seebug

SonicWALL GMS 6 Arbitrary File Upload

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
16
seebug

7.1AI Score

2014-07-01 12:00 AM
21
seebug
seebug

SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
12
seebug

7.1AI Score

2014-07-01 12:00 AM
36
seebug

7.1AI Score

2014-07-01 12:00 AM
13
nessus
nessus

openSUSE Security Update : otrs (openSUSE-SU-2013:1338-1)

The ticket system OTRS was updated to 3.1.18 to fix various bugs and security issues. Update to 3.1.18 : OSA-2013-05, CVE-2013-4717, CVE-2013-4718 fixed. Fixed bug#9561 - ACL restriction with CustomerID for DynamicFields at new Ticket screen not working. Fixed bug#9425 - Wrong created...

8.8CVSS

-0.2AI Score

0.371EPSS

2014-06-13 12:00 AM
29
openvas
openvas

HP Printers Information Disclosure Vulnerability (Apr 2014, Heartbleed)

A potential security vulnerability has been identified in HP Officejet Pro X printers and in certain Officejet Pro printers running OpenSSL. This is the OpenSSL vulnerability known...

7.5CVSS

8.1AI Score

0.975EPSS

2014-06-03 12:00 AM
84
hp
hp

HPSBPI03031 rev.3 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information

Potential Security Impact Remote disclosure of information VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP Officejet Pro X printers and in certain Officejet Pro printers running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" (CVE-2014-0160)...

7.5CVSS

1.8AI Score

0.975EPSS

2014-04-30 12:00 AM
40
seebug
seebug

Yokogawa CENTUM CS3000 'BKHOdeq.exe'栈缓冲区溢出漏洞

Bugtraq ID:66111 Yokogawa CENTUM CS3000是一款生产控制系统。 Yokogawa CENTUM CS3000 'BKHOdeq.exe'处理特制报文时存在一个基于栈的缓冲区溢出,允许攻击者利用漏洞提交特殊的请求可使应用程序崩溃或执行任意代码。 0 Yokogawa CENTUM CS 3000 R3.08.50 厂商补丁: Yokogawa 用户可联系厂商获得相应的升级或补丁程序:...

7.1AI Score

2014-03-13 12:00 AM
6
zdt
zdt

Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow Vulnerability

This Metasploit module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKHOdeq.exe when handling specially crafted packets. This Metasploit module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3 and...

7.4AI Score

2014-03-11 12:00 AM
16
packetstorm

0.9AI Score

2014-03-11 12:00 AM
16
metasploit
metasploit

Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow

This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKHOdeq.exe when handling specially crafted packets. This module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3 and Windows 2003...

7.4AI Score

2014-03-10 02:33 PM
28
ciscothreats
ciscothreats

Threat Outbreak Alert: Fake Purchase Order Notification Email Messages on November 13, 2013

Medium Alert ID: 31769 First Published: 2013 November 14 17:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a purchase order notification for the recipient. The text in the email message attempts to convince the...

-0.1AI Score

2013-11-14 05:22 PM
16
nvd
nvd

CVE-2013-4653

Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...

5AI Score

0.003EPSS

2013-08-20 12:48 AM
cve
cve

CVE-2013-4653

Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...

5AI Score

0.003EPSS

2013-08-20 12:48 AM
19
prion
prion

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...

5AI Score

0.003EPSS

2013-08-20 12:48 AM
4
cvelist
cvelist

CVE-2013-4653

Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...

5AI Score

0.003EPSS

2013-08-20 12:00 AM
nvd
nvd

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

6.4AI Score

0.002EPSS

2013-06-20 03:55 PM
Total number of security vulnerabilities1189