Lucene search
+L

96 matches found

RedHat Linux
RedHat Linux
added 2015/04/07 3:7 p.m.38 views

Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...

5.1CVSS5.8AI score0.01061EPSS
Exploits0References10
CVE
CVE
added 2015/04/01 2:0 p.m.83 views

CVE-2015-0259

CVE-2015-0259 affects OpenStack Compute (Nova) prior to specific revisions (OpenStack Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3) where the websocket origin is not validated. This enables remote attackers to hijack a user’s authenticated session for console access via ...

5.1CVSS6.8AI score0.01061EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2015/01/15 12:0 a.m.20 views

Fedora Update for owasp-esapi-java FEDORA-2015-0259

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5AI score
Exploits0References2
NVD
NVD
added 2014/01/15 4:13 p.m.29 views

CVE-2014-0259

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...

9.3CVSS7.6AI score0.1646EPSS
Exploits1References3
CVE
CVE
added 2014/01/15 2:0 a.m.76 views

CVE-2014-0259

CVE-2014-0259 : Word Memory Corruption Vulnerability affecting Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 via crafted Office documents. Root cause is memory corruption when parsing crafted files, enabling remote code execution and potential DoS. Affected products/themes align with ...

9.3CVSS8.6AI score0.1646EPSS
Exploits1References3Affected Software2
seebug.org
seebug.org
added 2014/01/15 12:0 a.m.28 views

Microsoft Word内存破坏漏洞

BUGTRAQ ID: 64727 CVECAN ID: CVE-2014-0259 Microsoft Word 属于办公软件是微软公司的一个文字处理器应用程序。 受影响Microsoft Word 软件解析特制文件时存在远程代码执行漏洞,成功利用这些漏洞后,可导致完全控制受影响系统。 0 Microsoft Word 2013 Microsoft Word 2010 Microsoft Word 2007 Microsoft Word 2003 临时解决方法: 安装配置MOICE为.doc文件的注册处理程序; 用Office文件阻止策略阻止打开.doc和.dot二进制文件;...

9.3CVSS8.7AI score0.1646EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/01/15 12:0 a.m.36 views

Microsoft SharePoint Server Remote Code Execution Vulnerability (2916605)

This host is missing an important security update according to Microsoft Bulletin MS14-001. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

9.3CVSS4.9AI score0.1646EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.32 views

Oracle Linux 6 : ImageMagick (ELSA-2012-0544)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0544 advisory. - Add fix for CVE-2010-4167 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 Tenable has extracted the preceding description block...

8.8CVSS6.8AI score0.29677EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.31 views

Oracle Linux 5 : ImageMagick (ELSA-2012-0545)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0545 advisory. - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 Tenable has extracted the...

8.8CVSS6.8AI score0.29677EPSS
Exploits1References4
CVE
CVE
added 2013/03/27 9:0 p.m.45 views

CVE-2013-0259

The CVE-2013-0259 entry concerns Drupal’s contributed Boxes module (7.x-1.x) with versions prior to 7.x-1.1. The vulnerability is Cross-site scripting (XSS) that enables remote authenticated users who have administer or edit boxes permissions to inject arbitrary web script or HTML via the subject...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2013/01/30 12:0 a.m.17 views

SA-CONTRIB-2013-013 - Boxes - Cross site scripting (XSS)

The subject field for the included simple box doesn't escape HTML properly. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to administer/edit boxes. Wikipedia has more information about cross site scripting XSS. CVE identifiers issued CVE-2013-02...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.26 views

Fedora Update for ImageMagick FEDORA-2012-11746

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS6.8AI score0.02754EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2012/08/10 12:0 a.m.20 views

FreeBSD Ports: ImageMagick

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.5CVSS6.6AI score0.02397EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.44 views

Mandriva Update for imagemagick MDVSA-2012:077 (imagemagick)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/06/20 12:0 a.m.31 views

SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 8104)

This update of ImageMagick fixes multiple security vulnerabilities that could have been exploited by attackers via specially crafted image files : - Integer overflow when processing EXIF directory entries with tags of e.g. format 5 EXIFFMTURATIONAL and a large components count. CVE-2012-0259 /...

8.8CVSS6.7AI score0.29677EPSS
Exploits1References14
OSV
OSV
added 2012/06/05 10:55 p.m.12 views

CVE-2012-0259

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service crash via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read...

6.5CVSS6.5AI score0.0236EPSS
Exploits1References22
Prion
Prion
added 2012/06/05 10:55 p.m.29 views

Integer overflow

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service out-of-bounds read via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete f...

5CVSS6.5AI score0.04749EPSS
Exploits1References13Affected Software4
Debian CVE
Debian CVE
added 2012/06/05 10:0 p.m.51 views

CVE-2012-1610

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service out-of-bounds read via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete f...

7.5CVSS6.8AI score0.04749EPSS
Exploits0
CVE
CVE
added 2012/06/05 10:0 p.m.108 views

CVE-2012-0259

CVE-2012-0259 affects ImageMagick where the GetEXIFProperty function (magick/property.c) is vulnerable when processing JPEG EXIF XResolution tags. In ImageMagick versions before 6.7.6-3, a zero value in the component count can trigger an out-of-bounds read, leading to a denial of service (crash)....

6.5CVSS6.8AI score0.0236EPSS
Exploits1References17Affected Software1
RedHat Linux
RedHat Linux
added 2012/05/07 6:19 p.m.43 views

Moderate: Red Hat Security Advisory: ImageMagick security update

Updated ImageMagick packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

8.8CVSS7AI score0.03816EPSS
Exploits1References6
Rows per page
Query Builder