Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX...
5.5CVSS
5.4AI Score
0.001EPSS
HP SiteScope Multiple Vulnerabilities (HPESBGN03763)
The version of HP SiteScope running on the remote host is 11.2x or 11.3x. It is, therefore, affected by multiple vulnerabilities : A cryptographic weakness exists in the ss_pu.jar library due to the use of hard-coded encryption keys. A local attacker can exploit this to disclose...
7.8CVSS
-0.2AI Score
0.001EPSS
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was...
6.4AI Score
0.0004EPSS
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service...
7.5CVSS
7.5AI Score
0.001EPSS
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service...
7.5CVSS
7.6AI Score
0.001EPSS
A Stack-Based Buffer Overflow issue was discovered in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service...
7.6AI Score
0.001EPSS
Digital Canal Structural Wind Analysis
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Digital Canal Structural Equipment: Wind Analysis Vulnerability: Stack-Based Buffer Overflow AFFECTED PRODUCTS The following versions of Wind Analysis, a structural engineering software platform, are affected: Wind...
7.5CVSS
7.9AI Score
0.001EPSS
HPE SiteScope contains multiple vulnerabilities
Overview HPE's SiteScope is vulnerable to several cryptographic issues, insufficiently protected credentials, and missing authentication. Description HPE's SiteScope is vulnerable to several vulnerabilities. The researcher reports that version 11.31.461 is affected; other versions may also be...
7.8CVSS
-0.2AI Score
0.001EPSS
Oracle Linux 7 : kernel (ELSA-2017-1308)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1308 advisory. The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by...
7.8CVSS
7.5AI Score
0.001EPSS
Oracle Linux 7 : kernel (ELSA-2017-1308-1)
Description of changes: [3.10.0-514.21.1.0.1.el7.OL7] [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377] Oracle Linux certificates (Alexey Petrenko) Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko at oracle.com).....
7.8CVSS
7.3AI Score
0.001EPSS
F5 BIG-IP - TMM vulnerability CVE-2017-6137
Undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations....
5.9CVSS
5.8AI Score
0.001EPSS
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2017:1308 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size...
7.8CVSS
7.2AI Score
0.001EPSS
RHEL 7 : kernel-rt (RHSA-2017:1298)
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
7.8CVSS
7.3AI Score
0.001EPSS
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from.....
7.8CVSS
7.3AI Score
0.001EPSS
RHEL 7 : kernel (RHSA-2017:1308)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
7.8CVSS
7.3AI Score
0.001EPSS
Scientific Linux Security Update : kernel on SL7.x x86_64 (20170525)
Security Fix(es) : It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the...
7.8CVSS
7.1AI Score
0.001EPSS
CentOS 7 : kernel (CESA-2017:1308)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
7.8CVSS
7.3AI Score
0.001EPSS
kernel security, bug fix, and enhancement update
[3.10.0-514.21.1.OL7] Oracle Linux certificates (Alexey Petrenko) Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko at oracle.com) Update x509.genkey [bug 24817676] [3.10.0-514.21.1] [kernel] sched/core: Fix an SMP ordering race in...
7.8CVSS
-0.2AI Score
0.001EPSS
kernel security, bug fix, and enhancement update
[3.10.0-514.21.1.0.1.el7.OL7] [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377] Oracle Linux certificates (Alexey Petrenko) Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko at oracle.com) Update x509.genkey [bug...
7.8CVSS
-0.2AI Score
0.001EPSS
(RHSA-2017:1308) Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability...
7.8CVSS
7.2AI Score
0.001EPSS
(RHSA-2017:1298) Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain...
7.8CVSS
7.2AI Score
0.001EPSS
(RHSA-2017:1297) Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain...
7.8CVSS
7.2AI Score
0.001EPSS
OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0105)
The remote OracleVM system is missing necessary patches to address critical security updates : nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986990] (CVE-2017-7895) fnic: Update fnic driver version to 1.6.0.24 (John Sobecki) [Orabug: 24448585] ...
9.8CVSS
7.1AI Score
EPSS
OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0106)
The remote OracleVM system is missing necessary patches to address critical security updates : nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986995] (CVE-2017-7895) ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not...
9.8CVSS
7.6AI Score
EPSS
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3566)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3566 advisory. The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a MOV SS, NULL...
9.8CVSS
7.8AI Score
EPSS
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3567)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3567 advisory. The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL...
9.8CVSS
7.9AI Score
EPSS
Unbreakable Enterprise kernel security update
kernel-uek [3.8.13-118.18.2] - nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986990] {CVE-2017-7895} [3.8.13-118.18.1] - fnic: Update fnic driver version to 1.6.0.24 (John Sobecki) [Orabug: 24448585] - xen-netfront: Rework the fix for Rx stall during OOM and...
9.8CVSS
0.1AI Score
EPSS
Unbreakable Enterprise kernel security update
[2.6.39-400.295.2] - nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986995] {CVE-2017-7895} [2.6.39-400.295.1] - ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN (Tariq Saeed) [Orabug: 25510857] - IB/CORE: sync the...
9.8CVSS
-0.2AI Score
EPSS
champagne-moyat-jaury-guilbaud.com XSS vulnerability
Vulnerable URL: http://www.champagne-moyat-jaury-guilbaud.com/espace-client/login.php?location=%2Fespace-client%2F%22%27--!%3E%3CScript%20/K/%3Econfirm(OPENBUGBOUNTY)%3C/Script%20/K/%3E# Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:|...
6.3AI Score
Security Advisory - 'WannaCry ransomware' Vulnerabilities in Microsoft Windows Systems
Huawei noticed that the WannaCry ransomware targeting Windows exploits multiple vulnerabilities in Windows Server Message Block v1 (SMBv1). These vulnerabilities were disclosed by Microsoft in Microsoft security bulletin MS17-010 on March 14. Successful exploit of these vulnerabilities could...
8.1CVSS
8.9AI Score
0.974EPSS
Description of the security update for SharePoint Foundation 2013: May 9, 2017
Description of the security update for SharePoint Foundation 2013: May 9, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft.....
6.2AI Score
0.001EPSS
F5 Networks BIG-IP : TMM vulnerability (K82851041)
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a...
5.9CVSS
5.9AI Score
0.001EPSS
Security Advisory - Three OpenSSL Vulnerabilities in Huawei Products
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. If a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client...
7.5CVSS
7.1AI Score
0.954EPSS
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1089)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain...
7.8CVSS
0.6AI Score
0.001EPSS
Security update for the Linux Kernel (important)
The SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes. The following security bugs were fixed: CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs...
3.6AI Score
0.736EPSS
espace-invention.ch XSS vulnerability
Vulnerable URL: http://www.espace-invention.ch/addToCart.asp Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
6.3AI Score
Security Advisory - Input Validation Vulnerability in Multiple Huawei Products
There is an input validation vulnerability in multiple Huawei products. Due to the lack of input validation on the device, a remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial...
8.8CVSS
8.5AI Score
0.004EPSS
OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0061)
The remote OracleVM system is missing necessary patches to address critical security updates : udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25874741] (CVE-2016-10229) block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877531]...
9.8CVSS
8.8AI Score
0.048EPSS
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3537)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3537 advisory. Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by...
7.8CVSS
0.3AI Score
0.001EPSS
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3538)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3538 advisory. Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain...
9.8CVSS
9.3AI Score
0.048EPSS
OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0060)
The remote OracleVM system is missing necessary patches to address critical security updates : block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877530]...
7.8CVSS
0.1AI Score
0.001EPSS
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3539)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3539 advisory. Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain...
7.8CVSS
7.9AI Score
0.047EPSS
OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0062)
The remote OracleVM system is missing necessary patches to address critical security updates : uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25698171] ksplice: add sysctls for determining Ksplice features. (Jamie Iles) signal: protect SIGNAL_UNKILLABLE from unintentional ...
7.8CVSS
7.3AI Score
0.047EPSS
CentOS 6 : kernel (CESA-2017:0892)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
7.8CVSS
7.6AI Score
0.001EPSS