Lucene search
+L

128 matches found

Tenable Nessus
Tenable Nessus
added 2013/12/04 12:0 a.m.33 views

Scientific Linux Security Update : augeas on SL6.x i386/x86_64 (20131121)

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

3.7CVSS5.6AI score0.00446EPSS
Exploits1References3
Amazon
Amazon
added 2013/12/02 12:0 a.m.39 views

Low: augeas

Issue Overview: Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a...

3.7CVSS6.7AI score0.00446EPSS
Exploits1References1
OSV
OSV
added 2013/11/23 6:55 p.m.12 views

CVE-2012-0786

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

5.6AI score
Exploits0References5
OSV
OSV
added 2013/11/23 6:55 p.m.5 views

UBUNTU-CVE-2012-0786

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

3.3CVSS5.9AI score0.00446EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/11/23 6:55 p.m.38 views

CVE-2012-0786

The transformsave function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file...

3.3CVSS6AI score0.00446EPSS
Exploits0References1
CVE
CVE
added 2013/11/23 6:0 p.m.83 views

CVE-2012-0786

CVE-2012-0786 concerns Augeas: the transform_save function in transform.c before 1.0.0 allows local users to overwrite arbitrary files and disclose sensitive data via a symlink attack on a .augnew file. Real-world references across multiple advisories confirm the affected component is Augeas and ...

3.3CVSS5.6AI score0.00446EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2013/11/21 12:0 a.m.34 views

RedHat Update for augeas RHSA-2013:1537-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS6.5AI score0.00446EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/03/19 12:0 a.m.27 views

Fedora Update for bugzilla FEDORA-2013-2845

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.4AI score0.01741EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/03/01 12:0 a.m.36 views

Bugzilla Information Disclosure and Cross-Site Scripting Vulnerabilities

Bugzilla is prone to information disclosure and cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS5.6AI score0.01657EPSS
Exploits0References6
CVE
CVE
added 2013/02/24 11:0 a.m.59 views

CVE-2013-0786

The CVE-2013-0786 issue affects Bugzilla 2.x and 3.x before 3.6.13, and 4.0.x before 4.0.10, where Bugzilla::Search::build_subselect generates different error messages for invalid product queries depending on product existence. This behavior allows remote attackers to discover private product nam...

5CVSS6.5AI score0.01657EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.50 views

SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7627)

IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...

10CVSS8.3AI score0.06277EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2011/08/29 12:0 a.m.3643 views

SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure

The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...

10CVSS7.1AI score0.76751EPSS
Exploits31References51
Tenable Nessus
Tenable Nessus
added 2011/07/19 12:0 a.m.223 views

SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7626)

IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...

10CVSS8.3AI score0.06277EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2011/07/19 12:0 a.m.339 views

SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)

IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start...

10CVSS8.3AI score0.06277EPSS
Exploits0References33
Tenable Nessus
Tenable Nessus
added 2011/06/15 12:0 a.m.55 views

SuSE 11.1 Security Update : Sun/Oracle Java (SAT Patch Number 4698)

Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujune2011-3133 39.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

10CVSS8.1AI score0.06277EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2011/06/14 6:55 p.m.47 views

CVE-2011-0786

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors...

7.6CVSS5.9AI score0.02437EPSS
Exploits0References1
CVE
CVE
added 2011/06/14 6:0 p.m.90 views

CVE-2011-0786

CVE-2011-0786 affects Oracle Java SE 6 on Windows (JRE/Deployment components) and is part of a set of vulnerabilities addressed by Java 6 Update 26. The issue is described as an unspecified vulnerability in the JRE deployment area that could allow remote execution or disclosure via untrusted Web ...

7.6CVSS5.6AI score0.02437EPSS
Exploits0References16Affected Software2
OpenVAS
OpenVAS
added 2010/11/16 12:0 a.m.28 views

IBM WebSphere Application Server JAX-WS Denial Of Service Vulnerability

IBM WebSphere Application Server is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions for legitimate users. Versions prior to IBM WebSphere Application Server 7.0 7.0.0.13 are vulnerable. OpenVAS Vulnerability Test $Id:...

5CVSS0.6AI score0.02213EPSS
Exploits0References3
CVE
CVE
added 2010/11/09 8:0 p.m.66 views

CVE-2010-0786

IBM WebSphere Application Server 7.x is affected by CVE-2010-0786 in the Web Services Security/JAX-WS handling. WAS 7.0 before 7.0.0.13 allows remote attackers to trigger a denial of service via a crafted JAX-WS request that leads to data corruption due to improper JAX-WS implementation. Affected...

5CVSS6.5AI score0.02213EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2009/10/08 12:0 a.m.3 views

Apache apr-util IPv6 URI Parsing (CVE-2004-0786)

Apache HTTP server version 2 introduced the Apache Portable Runtime APR, which provides a middle layer between platform independent Apache code and the native operating system API. One of the functions provided by the APR utilities component is the parsing of URI strings. Having this functionalit...

5CVSS7.1AI score0.21769EPSS
Exploits0
Rows per page
Query Builder