Lucene search
+L

131 matches found

Tenable Nessus
Tenable Nessus
added 2016/12/08 12:0 a.m.39 views

OracleVM 3.3 : xen (OVMSA-2016-0171)

The remote OracleVM system is missing necessary patches to address critical security updates : - qemuup: ioportread, ioportwrite: be defensive about 32-bit addresses On x86, ioport addresses are 16-bit. That these functions take 32-bit arguments is a mistake. Changing the argument type to 16-bit...

7.5CVSS7.8AI score0.00364EPSS
Exploits0References2
Circl
Circl
added 2016/06/15 12:0 a.m.25 views

CVE-2016-0171

creationtimestamp| type| source ---|---|--- 2016-06-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39959...

7.8CVSS6.8AI score0.03799EPSS
Exploits2References1
NVD
NVD
added 2016/05/11 1:59 a.m.18 views

CVE-2016-0171

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...

7.8CVSS7.5AI score0.03799EPSS
Exploits2References5
CVE
CVE
added 2016/05/11 1:0 a.m.110 views

CVE-2016-0171

CVE-2016-0171 is a Windows kernel‑mode elevation of privilege vulnerability affecting Win32k in several Windows releases (Vista SP2 to Windows 10 1511). The entry describes that a crafted user‑mode application can trigger a local privilege escalation via a flaw in the Win32k subsystem, with explo...

7.8CVSS7.5AI score0.03799EPSS
Exploits2References5Affected Software7
OpenVAS
OpenVAS
added 2016/05/11 12:0 a.m.136 views

Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)

This host is missing an important security update according to Microsoft Bulletin MS16-062. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.8CVSS6AI score0.03821EPSS
Exploits5References3
Check Point Advisories
Check Point Advisories
added 2016/05/10 12:0 a.m.38 views

Microsoft Windows Win32k Elevation of Privilege (MS16-062: CVE-2016-0171)

An elevation of privilege vulnerability exists in the Windows Kernel. The vulnerability is due to the way Windows handles DC surface. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted application...

7.2CVSS7.4AI score0.03799EPSS
Exploits2
Symantec
Symantec
added 2016/05/10 12:0 a.m.36 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0171 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...

7.2CVSS3.7AI score0.03799EPSS
Exploits2Affected Software5
Kaspersky
Kaspersky
added 2016/05/10 12:0 a.m.96 views

KLA11914 Multiple vulnerability in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...

9.3CVSS8.9AI score0.93165EPSS
Exploits21References45
Tenable Nessus
Tenable Nessus
added 2016/05/10 12:0 a.m.69 views

MS16-062: Security Update for Windows Kernel-Mode Drivers (3158222)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple privilege escalation vulnerabilities exist in the Windows kernel-mode driver due to a failure to properly handle objects in memory. An authenticated, remote attacker can explo...

7.8CVSS7AI score0.03821EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.31 views

Oracle: Security Advisory (ELSA-2010-0112)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.10514EPSS
Exploits9References2
Cvelist
Cvelist
added 2015/01/15 3:0 p.m.33 views

CVE-2014-0171

XML external entity XXE vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint...

6.6AI score0.0211EPSS
Exploits1References2
CVE
CVE
added 2015/01/15 3:0 p.m.52 views

CVE-2014-0171

An XXE vulnerability (CVE-2014-0171) affects StaxXMLFactoryProvider2 in Odata4j used by Red Hat JBoss Data Virtualization prior to 6.0.0 patch 4. The flaw lets a remote attacker submit a crafted XML payload via a REST endpoint that resolves external entities and can read arbitrary files on the se...

5CVSS6.8AI score0.0211EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2015/01/12 5:32 p.m.52 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update

Red Hat JBoss Data Virtualization 6.0.0 roll up patch 4, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

5CVSS7.1AI score0.0211EPSS
Exploits3References5
CVE
CVE
added 2014/05/08 2:0 p.m.50 views

CVE-2013-0171

CVE-2013-0171 affects Foreman prior to version 1.1. The vulnerability allows remote attackers to execute arbitrary code by sending a crafted YAML object to the fact or report import API. Documents confirm impact as remote code execution with network access and no authentication required, but do n...

7.5CVSS7.9AI score0.02974EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.29 views

Scientific Linux Security Update : boost on SL5.x i386/x86_64 (20120221)

The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker...

5CVSS6AI score0.02686EPSS
Exploits1References3
seebug.org
seebug.org
added 2012/04/12 12:0 a.m.27 views

Microsoft Internet Explorer SelectAll远程代码执行漏洞(CVE-2012-0171)(MS12-023)

BUGTRAQ ID: 52905 CVE ID: CVE-2012-0171 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer在访问已经删除的对象时在实现上存在可以破坏内存的远程代码执行漏洞,攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet Explorer 7.x Microsoft Internet Explorer 6.x...

9.3CVSS6.4AI score0.27059EPSS
Exploits1
OpenVAS
OpenVAS
added 2012/04/11 12:0 a.m.29 views

Microsoft Internet Explorer Multiple Vulnerabilities (2675157)

This host is missing a critical security update according to Microsoft Bulletin MS12-023. OpenVAS Vulnerability Test $Id: secpodms12-023.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2675157 Authors: Rachana Shetty Copyright: Copyright c 2012 SecPo...

9.3CVSS0.1AI score0.30421EPSS
Exploits5References5
CVE
CVE
added 2012/04/10 9:0 p.m.139 views

CVE-2012-0171

CVE-2012-0171 affects Microsoft Internet Explorer 6–9. The vulnerability arises from how IE handles in-memory objects; accessing a deleted object can lead to memory corruption and remote code execution. Connected sources confirm this is the well-known “SelectAll Remote Code Execution Vulnerabilit...

9.3CVSS8.1AI score0.27059EPSS
Exploits1References5Affected Software1
Check Point Advisories
Check Point Advisories
added 2012/04/10 12:0 a.m.13 views

Internet Explorer SelectAll Remote Code Execution (MS12-023; CVE-2012-0171)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.27059EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2012/02/21 12:0 a.m.27 views

RHEL 5 : boost (RHSA-2012:0305)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0305 advisory. The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standa...

5CVSS6.2AI score0.02686EPSS
Exploits1References9
Rows per page
Query Builder