Lucene search

K

DP300,TE60,TP3106,ViewPoint 9030,eCNS210 TD,eSpace 7950,eSpace IAD,eSpace U1981 Security Vulnerabilities

openvas
openvas

Fedora Update for xen FEDORA-2014-15503

Check the version of...

6.7AI Score

0.006EPSS

2014-12-02 12:00 AM
6
openvas
openvas

Fedora Update for xen FEDORA-2014-15521

Check the version of...

6.7AI Score

0.006EPSS

2014-12-02 12:00 AM
13
nessus
nessus

Fedora 19 : xen-4.2.5-5.fc19 (2014-15503)

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...

0.5AI Score

0.006EPSS

2014-12-02 12:00 AM
11
nessus
nessus

Fedora 20 : xen-4.3.3-5.fc20 (2014-15521)

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling Insufficient restrictions on certain MMU update hypercalls, Missing privilege level checks in x86 emulation of far branches, Add fix for CVE-2014-0150 to qemu-dm, though it probably isn't exploitable from xen Note that Tenable...

0.5AI Score

0.006EPSS

2014-12-02 12:00 AM
10
fedora
fedora

[SECURITY] Fedora 20 Update: xen-4.3.3-5.fc20

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-01 07:01 PM
13
fedora
fedora

[SECURITY] Fedora 19 Update: xen-4.2.5-5.fc19

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen...

2.1AI Score

0.006EPSS

2014-12-01 07:01 PM
9
nvd
nvd

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.4AI Score

0.027EPSS

2014-11-25 03:59 PM
cve
cve

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.5AI Score

0.027EPSS

2014-11-25 03:59 PM
23
prion
prion

Code injection

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.8AI Score

0.027EPSS

2014-11-25 03:59 PM
5
cvelist
cvelist

CVE-2014-8420

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified...

7.4AI Score

0.027EPSS

2014-11-25 03:00 PM
debiancve
debiancve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

3.7AI Score

0.003EPSS

2014-11-24 03:59 PM
9
cve
cve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.2AI Score

0.003EPSS

2014-11-24 03:59 PM
32
nvd
nvd

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.3AI Score

0.003EPSS

2014-11-24 03:59 PM
prion
prion

Code injection

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6.8AI Score

0.003EPSS

2014-11-24 03:59 PM
8
cvelist
cvelist

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted...

6AI Score

0.003EPSS

2014-11-24 03:00 PM
ubuntucve
ubuntucve

CVE-2014-9030

The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. Bugs ...

2.4AI Score

0.003EPSS

2014-11-24 12:00 AM
13
zdi
zdi

Dell Sonicwall GMS Virtual Appliance Multiple Remote Code Execution Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Dell SonicWALL Global Management System (GMS) virtual appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the GMS ViewPoint (GMSVP) web...

7.2AI Score

0.027EPSS

2014-11-21 12:00 AM
18
xen
xen

Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling

ISSUE DESCRIPTION An error handling path in the processing of MMU_MACHPHYS_UPDATE failed to drop a page reference which was acquired in an earlier processing step. IMPACT Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack.....

6.2AI Score

0.003EPSS

2014-11-20 04:26 PM
31
huawei
huawei

Security Advisory-Bash Code Injection Vulnerability

This security advisory (SA) describes the impact of 6 Bash vulnerabilities discovered in third-party software (Vulnerability ID: HWPSIRT-2014-0951). 1.OS Command Injections vulnerability (CVE-2014-6271). GNU Bash through 4.3 processes trailing strings after function definitions in the values of...

9.8CVSS

4AI Score

0.976EPSS

2014-10-24 12:00 AM
45
huawei
huawei

Security Advisory-9 OpenSSL vulnerabilities on Huawei products

This security advisory (SA) describes the impact of 9 OpenSSL vulnerabilities discovered in third-party software. (Vulnerability ID: HWPSIRT-2014-0816) These vulnerabilities are referenced in this document as follows: 1.Information leak in pretty printing functions (CVE-2014-3508). A flaw in...

1AI Score

0.928EPSS

2014-10-08 12:00 AM
37
threatpost
threatpost

Twitter Files Suit Over Government Restrictions on National Security Letter Data

Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free...

0.2AI Score

2014-10-07 02:16 PM
8
packetstorm

0.1AI Score

2014-10-03 12:00 AM
47
vulnerlab

7.1AI Score

2014-09-25 12:00 AM
39
vulnerlab

0.2AI Score

2014-09-25 12:00 AM
7
symantec
symantec

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability

Description GNU Bash is prone to remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Advantech EKI-1320 1.98 ...

1.5AI Score

0.976EPSS

2014-09-24 12:00 AM
215
seebug
seebug

VxWorks WDB Agent 远程内存读取漏洞

VxWorks安全初探 404@KnownSec 0x00 前言 关于VxWorks,这里引用44CON议题《攻击 VxWorks:从石器时代到星际》探究 一文章中的介绍: VxWorks 是世界上使用最广泛的一种在嵌入式系统中部署的实时操作系统,是由美国WindRiver公司(简称风河公司,即WRS 公司)于1983年设计开发的。其市场范围跨越所有的安全关键领域,仅举几例,包括火星好奇心流浪者、波音787梦幻客机、网络路由器。这些应用程序的安全高危性质使得VxWorks的安全被高度关注。 VxWorks操作系统是由美国Wind...

7.2AI Score

2014-09-12 12:00 AM
173
huawei
huawei

Security Advisory-Apache Struts2 vulnerability on Huawei multiple products

Some versions of Apache Struts2 software used in Huawei devices have security vulnerabilities. A patch released for the software to fix vulnerabilities CVE-2014-0050 and CVE-2014-0094 has the risk of being bypassed. (Vulnerability ID: HWPSIRT-2014-0420) This Vulnerability has been assigned Common.....

2.2AI Score

0.971EPSS

2014-07-07 12:00 AM
63
seebug
seebug

Photo Server 2.0 iOS - Multiple Vulnerabilities

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
16
seebug

7.1AI Score

2014-07-01 12:00 AM
18
seebug

7.1AI Score

2014-07-01 12:00 AM
11
seebug
seebug

SonicWALL GMS 6 Arbitrary File Upload

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
16
seebug

7.1AI Score

2014-07-01 12:00 AM
21
seebug

7.1AI Score

2014-07-01 12:00 AM
10
seebug
seebug

SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass

No description provided by...

7.1AI Score

2014-07-01 12:00 AM
12
seebug

7.1AI Score

2014-07-01 12:00 AM
36
seebug

7.1AI Score

2014-07-01 12:00 AM
13
huawei
huawei

Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products

This security advisory (SA) describes the impact of 7 OpenSSL vulnerabilities discovered in third-party software. The vulnerabilities are referenced in this document as follows: 1.SSL/TLS Man-in-the-Middle Vulnerability (CVE-2014-0224). An unauthenticated, remote attacker with the ability to...

7.4CVSS

1.6AI Score

0.974EPSS

2014-06-13 12:00 AM
49
nessus
nessus

openSUSE Security Update : otrs (openSUSE-SU-2013:1338-1)

The ticket system OTRS was updated to 3.1.18 to fix various bugs and security issues. Update to 3.1.18 : OSA-2013-05, CVE-2013-4717, CVE-2013-4718 fixed. Fixed bug#9561 - ACL restriction with CustomerID for DynamicFields at new Ticket screen not working. Fixed bug#9425 - Wrong created...

8.8CVSS

-0.2AI Score

0.371EPSS

2014-06-13 12:00 AM
29
hackerone
hackerone

Localize: User credentials are sent in clear text

Vulnerability description User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users. This vulnerability affects /pages/sign_up. Discovered by: MANUALLY Attack details...

-0.2AI Score

2014-04-18 04:19 AM
22
huawei
huawei

Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products

Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private.....

7.5CVSS

2.6AI Score

0.975EPSS

2014-04-17 12:00 AM
281
seebug
seebug

Huawei eSpace Meeting Service 'eMservice.exe'本地权限提升漏洞

Bugtraq ID:66107 Huawei eSpace Meeting是一款移动视频解决方案。 Huawei eSpace Meeting产品的用户权限设置不合理。获取普通用户权限的攻击者,可以通过特定的操作,提升权限并访问和设置某些关键资源。 0 Huawei eSpace Meeting 1.x 厂商补丁: Huawei Huawei eSpace Meeting V100R001C03SPC202已经修复该漏洞,建议用户下载更新:...

7.1AI Score

2014-03-13 12:00 AM
8
exploitpack
exploitpack

Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege Escalation

Huawei Technologies eSpace Meeting Service 1.0.0.23 - Local Privilege...

0.6AI Score

2014-03-12 12:00 AM
12
zdt
zdt

Huawei eSpace Meeting Service 1.0.0.23 Privilege Escalation

Huawei Technologies eSpace Meeting Service version 1.0.0.23 suffers from a local privilege escalation...

7.1AI Score

2014-03-11 12:00 AM
23
packetstorm

0.8AI Score

2014-03-11 12:00 AM
19
zeroscience
zeroscience

Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation

Title: Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation Advisory ID: ZSL-2014-5171 Type: Local Impact: Privilege Escalation Risk: (3/5) Release Date: 10.03.2014 Summary Huawei's eSpace Meeting solution fully meets the needs of enterprise customers for an integrated...

7CVSS

6.9AI Score

0.001EPSS

2014-03-10 12:00 AM
18
huawei
huawei

Security Advisory-Improper User Permission Setting Vulnerability in Huawei eSpace Meeting

User permissions are not properly set on Huawei eSpace Meeting. Attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. (HWPSIRT-2014-0241). This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID:...

7CVSS

6.5AI Score

0.001EPSS

2014-03-10 12:00 AM
16
threatpost
threatpost

RSA Conference 2014 Art Coviello RSA keynote

SAN FRANCISCO – RSA Security executive chairman Art Coviello today at RSA Conference 2014 made his first public comments about the security company’s relationship with the National Security Agency, painting the landmark firm as a victim of the spy agency’s blurring of the lines between its...

-0.2AI Score

2014-02-25 01:17 PM
9
ciscothreats
ciscothreats

Threat Outbreak Alert: Fake Online Order Details Email Messages on February 8, 2014

Medium Alert ID: 32785 First Published: 2014 February 10 18:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to French-language spam email messages that claim to contain an online order notification for the recipient. The text in the email message attempts to...

0.2AI Score

2014-02-10 06:13 PM
8
ciscothreats
ciscothreats

Threat Outbreak Alert: Fake Purchase Order Notification Email Messages on November 13, 2013

Medium Alert ID: 31769 First Published: 2013 November 14 17:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a purchase order notification for the recipient. The text in the email message attempts to convince the...

-0.1AI Score

2013-11-14 05:22 PM
16
Total number of security vulnerabilities1411