Lucene search
K

107 matches found

NVD
NVD
added 2017/07/17 1:18 p.m.13 views

CVE-2017-2249

Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.7AI score0.01059EPSS
Exploits0References2
CVE
CVE
added 2017/07/14 4:0 p.m.48 views

CVE-2017-2249

The CVE-2017-2249 entry concerns an Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ (up to version 3.4.0). An attacker can gain privileges by placing a Trojan horse DLL in an unspecified directory, enabling code execution with the caller’s privileges when the...

9.3CVSS7.7AI score0.01059EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/07 12:0 a.m.89 views

JVN#21369452: Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries

Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
CVE
CVE
added 2017/01/02 9:46 a.m.28 views

CVE-2016-2249

CVE-2016-2249 entry is rejected/not used.

6.6AI score
Exploits0
Cvelist
Cvelist
added 2017/01/02 9:46 a.m.7 views

CVE-2016-2249

...

Exploits0
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.23 views

Oracle: Security Advisory (ELSA-2010-0534)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.43382EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2014/06/23 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-2249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.5CVSS6.6AI score0.0162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/19 12:0 a.m.35 views

Ubuntu 14.04 LTS : OpenStack Heat vulnerability (USN-2249-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2249-1 advisory. Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see...

3.5CVSS5.5AI score0.0162EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/03/21 12:0 a.m.53 views

Siemens SIMATIC S7-1200多个漏洞

CVE ID: CVE-2014-2249,CVE-2014-2250,CVE-2014-2252,CVE-2014-2254,CVE-2014-2256,CVE-2014-2258 SIMATIC S7-1200是可编程控制器,可实现简单却高度精确的自动化任务。 Siemens SIMATIC S7-1200 4.0.0之前版本在实现上存在多个漏洞,可被恶意利用执行跨站请求伪造、劫持用户会话、造成拒绝服务。 1、向TCP端口443发送特制的数据包造成的错误可造成设备进入defect模式。 2、随机生成器内弱熵相关错误,可导致劫持另外用户的会话。...

8.3CVSS6.4AI score0.04642EPSS
Exploits1
CVE
CVE
added 2014/03/16 10:0 a.m.47 views

CVE-2014-2249

CVE-2014-2249 is a CSRF vulnerability in Siemens SIMATIC S7-1500 (< v1.5) and S7-1200 (

5.8CVSS7.2AI score0.01344EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCve
added 2014/02/03 3:55 a.m.30 views

CVE-2012-2249

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...

5CVSS5.9AI score0.0129EPSS
Exploits0References2
CVE
CVE
added 2014/02/03 2:0 a.m.64 views

CVE-2012-2249

The CVE-2012-2249 entry concerns Tor prior to 0.2.3.23-rc, where a denial-of-service is triggered by a renegotiation attempt after the V3 link protocol is initiated. The underlying effect is an assertion failure that causes the daemon to exit. Public references consistently state the vulnerabilit...

5CVSS6.7AI score0.0129EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2013/08/20 12:0 a.m.41 views

Fedora Update for httpd FEDORA-2013-13994

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2013-13994 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

7.5CVSS7.1AI score0.29484EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2013/08/20 12:0 a.m.46 views

Fedora Update for httpd FEDORA-2013-13922

Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2013-13922 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

7.5CVSS7.1AI score0.29484EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2013/08/20 12:0 a.m.43 views

Fedora Update for httpd FEDORA-2013-13994

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/08/20 12:0 a.m.45 views

Fedora 18 : httpd-2.4.6-2.fc18 (2013-13922)

This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...

7.5CVSS8.1AI score0.29484EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2013/08/10 12:0 a.m.46 views

Fedora 19 : httpd-2.4.6-2.fc19 (2013-13994)

This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...

7.5CVSS8.1AI score0.29484EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2013/08/07 12:0 a.m.48 views

Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : httpd (SSA:2013-218-02)

New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-218-02. The tex...

7.5CVSS8AI score0.29484EPSS
Exploits5References3
Slackware Linux
Slackware Linux
added 2013/08/06 7:20 a.m.58 views

[slackware-security] httpd

New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/httpd-2.4.6-i486-1slack14.0.txz: Upgraded. This update addresses two security issues: SECURITY:...

7.5CVSS7.2AI score0.29484EPSS
Exploits5
Mageia
Mageia
added 2013/07/26 11:36 a.m.58 views

Updated apache packages fix security vulnerabilities

Updated apache packages fix security vulnerabilities: moddav.c in the Apache HTTP Server before 2.4.6 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...

7.5CVSS1.3AI score0.29484EPSS
Exploits5References6
Rows per page
Query Builder