CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2016/01/15 12:0 a.m.•1 views

Denial of Service Vulnerability in Multiple Huawei Products

The Huawei TE30, TE40, TE50 and TE60 are all-in-one HD video conferencing endpoints from Huawei China that support intelligent voice calling and Wi-Fi wireless connectivity. A security vulnerability in the presentation transmission permission management mechanism of the Huawei TE30, TE40, TE50, a...

5.3CVSS6.8AI score0.00224EPSS

Tenable Nessus•added 2016/01/13 12:0 a.m.•18 views

Janitza Multiple UMG Devices Remote Debug Interface RCE

Binary data scadajanitzadebugsvc.nbin...

7.5CVSS7.3AI score0.00361EPSS

Exploits0References3

RedHat Linux•added 2016/01/12 2:48 p.m.•2 views

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...

OpenVAS•added 2016/01/11 12:0 a.m.•24 views

Debian Security Advisory DSA 3441-1 (perl - security update)

David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...

7.5CVSS0.3AI score0.05664EPSS

Kitploit•added 2016/01/09 5:35 p.m.•308 views

SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik...

9.6AI score

RedHat Linux•added 2016/01/07 1:52 p.m.•2 views

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

Talos•added 2016/01/07 12:0 a.m.•89 views

RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0066 RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability January 7, 2016 CVE Number CVE-2015-8270 Description The vulnerability occurs within the AMF3ReadString function within amf.c. If an attacker sets up a malicious RTMP Media server that...

7.5CVSS8.4AI score0.00762EPSS

Exploits1

Metasploit•added 2016/01/03 4:45 a.m.•32 views

Android ADB Debug Server Remote Payload Execution

Writes and spawns a native payload on an android device that is listening for adb debug messages. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android ADB Debug Server Remote Payload...

7AI score

Exploits0

RedHat Linux•added 2015/12/21 7:9 p.m.•1 views

openstack-ironic-discoverd: potential remote code execution with debug mode enabled

It was discovered that enabling debug mode in openstack-ironic-discoverd also enabled debug mode in the underlying Flask framework. If errors were encountered while Flask was in debug mode, a user experiencing an error might be able to access the debug console effectively, a command shell...

6.8CVSS5.8AI score0.00574EPSS

RedHat Linux•added 2015/12/21 7:9 p.m.•23 views

Important: Red Hat Security Advisory: openstack-ironic-discoverd security update

Updated openstack-ironic-discoverd packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

6.8CVSS5.7AI score0.00574EPSS

Exploits0References2

OpenVAS•added 2015/12/18 12:0 a.m.•49 views

Ubuntu: Security Advisory (USN-2840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.5AI score0.00327EPSS

Exploits0References2

Ubuntu•added 2015/12/17 7:24 p.m.•76 views

USN-2843-2: Linux kernel (Wily HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.3AI score0.00327EPSS

Exploits1

OSV•added 2015/12/17 7:24 p.m.•1 views

USN-2843-2 linux-lts-wily vulnerabilities

OSV•added 2015/12/17 8:34 a.m.•2 views

Exploits1References6

USN-2844-1 linux-lts-utopic vulnerabilities

Ubuntu•added 2015/12/17 8:1 a.m.•70 views

Exploits1References4

USN-2842-1: Linux kernel vulnerabilities

10CVSS6.4AI score0.00327EPSS

Exploits1

RedHat Linux•added 2015/12/15 2:36 p.m.•1 views

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

RedHat Linux•added 2015/12/15 1:57 p.m.•3 views

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

FreeBSD•added 2015/12/15 12:0 a.m.•30 views

kea -- unexpected termination while handling a malformed packet

ISC Support reports: ISC Kea may terminate unexpectedly crash while handling a malformed client packet. Related defects in the kea-dhcp4 and kea-dhcp6 servers can cause the server to crash during option processing if a client sends a malformed packet. An attacker sending a crafted malformed packe...

7.1CVSS6.4AI score0.03062EPSS

RedHat Linux•added 2015/12/08 10:51 a.m.•2 views

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception