Lucene search
+L

38 matches found

nessus
nessus
added 2020/12/09 12:0 a.m.27 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:3631-1)

This update for xen fixes the following issues : bsc1178963 - stack corruption from XSA-346 change XSA-355 bsc1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - CVE-2020-27672: Race condition in Xen mapping code XSA-345 bsc1177413 -...

7.8CVSS6.3AI score0.00393EPSS
Exploits0References17
nessus
nessus
added 2020/12/09 12:0 a.m.37 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:3050-1)

This update for xen fixes the following issues : bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 bsc1177413 - VUL-0: CVE-2020-27671: xen: undue deferra...

7.8CVSS6.4AI score0.0041EPSS
Exploits0References13
nessus
nessus
added 2020/12/09 12:0 a.m.36 views

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3049-1)

This update for xen fixes the following issues : bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 bsc1177413 - VUL-0: CVE-2020-27671: xen: undue deferra...

7.8CVSS6.4AI score0.0041EPSS
Exploits0References13
nessus
nessus
added 2020/11/20 12:0 a.m.48 views

Fedora 31 : xen (2020-6dd36a716c)

revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 ---- x86: Race condition in Xen mapping code XSA-345 undue deferral of IOMMU TLB flushes XSA-346 unsafe AMD IOMMU page table updates XSA-347 No...

7.8CVSS6.7AI score0.00353EPSS
Exploits0References5
nessus
nessus
added 2020/11/12 12:0 a.m.36 views

Fedora 33 : xen (2020-ec84c1565b)

revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 simplify grub scripts patches from Thierry Vignaud some fixes for gcc 11 Note that Tenable Network Security has extracted the preceding...

5.3CVSS7.2AI score0.00353EPSS
Exploits0References2
ics
ics
added 2020/02/18 7:0 a.m.67 views

GE Healthcare Ultrasound products (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION : low attack complexity Vendor : GE Healthcare Equipment : Ultrasound Products Vulnerability : Protection Mechanism Failure, Incorrect User Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

7.4CVSS7.3AI score0.00428EPSS
Exploits0References11
fedora
fedora
added 2019/07/08 1:9 a.m.33 views

[SECURITY] Fedora 30 Update: dosbox-0.74.3-2.fc30

DOSBox is a DOS-emulator using SDL for easy portability to different platforms. DOSBox has already been ported to several different platforms, such as Windows, BeOS, Linux, Mac OS X... DOSBox emulates a 286/386 realmode CPU, Directory FileSystem/XMS/EMS, a SoundBlaster card for excellent sound...

9.8CVSS0.7AI score0.06685EPSS
Exploits1
packetstorm
packetstorm
added 2019/03/26 12:0 a.m.384 views

SPIP CMS 2.x / 3.x Add Administrator / File Upload

Exploit Title : Spip CMS 2.x/3.x Add Administrator Account & Arbitrary File Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Published Date : 26/03/2019 First Discovered Date : 2013 - 2014 Vendor Homepage : spip.net Software Download Links :...

7.5CVSS0.3AI score0.08982EPSS
Exploits4
ibm
ibm
added 2018/06/15 7:3 a.m.47 views

Security Bulletin: Vulnerability with Java Portlet Specification JSR 286 may affect WebSphere Application Server (CVE-2015-1926)

Summary There has been a change to the Java Portlet Specification 2.0 JSR 286 that may affect some configurations of WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-1926 DESCRIPTION: The Java Portlet Specification JSR 286 API jar file code could allow a remote attacker to obta...

5.5CVSS0.2AI score0.02118EPSS
Exploits0Affected Software2
zdt
zdt
added 2017/09/28 12:0 a.m.84 views

LAquis SCADA 4.1.0.2385 - Directory Traversal Exploit

Exploit for multiple platform in category remote exploits require 'msf/core' class MetasploitModule 'LAquis SCADA Web Server Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal vulnerability found in the LAquis SCADA application. The...

5.8AI score0.08733EPSS
Exploits4
cnvd
cnvd
added 2017/09/20 12:0 a.m.5 views

Sophos HitmanPro.Alert solution and Sophos Clean SurfRight HitmanPro security vulnerabilities

Sophos HitmanPro.Alert solution and Sophos Clean are both virus protection software from Sophos UK.SurfRight HitmanPro is one of the malware scanning tools available. A security vulnerability exists in versions prior to SurfRight HitmanPro 3.7.20 Build 286 in Sophos HitmanPro.Alert solution and...

7.8CVSS7.7AI score0.00462EPSS
Exploits1References1
osv
osv
added 2017/09/13 8:29 a.m.3 views

CVE-2017-7441

In Sophos SurfRight HitmanPro before 3.7.20 Build 286 included in the HitmanPro.Alert solution and Sophos Clean, a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical informatio...

7.8CVSS5.9AI score0.00462EPSS
Exploits1References2
hackapp
hackapp
added 2016/04/01 9:4 a.m.5 views

ISO Tolerances (DIN ISO 286-1) - Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application ISO Tolerances DIN ISO 286-1 published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
openvas
openvas
added 2015/09/08 12:0 a.m.38 views

Amazon Linux: Security Advisory (ALAS-2014-286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS6.4AI score0.00368EPSS
Exploits0References2
exploitpack
exploitpack
added 2014/12/02 12:0 a.m.28 views

Prolink PRN2001 - Multiple Vulnerabilities

Prolink PRN2001 - Multiple Vulnerabilities Exploit Title: Prolink PRN2001 Multiple Vulnerabilities 1. -Advisory Information- Title: Prolink PRN2001 Multiple Vulnerabilities Firmware: Ver 1.2 Firmware URL: http://www.prolink2u.com/download/fw/fwPRN2001V1.220130323.zip Vendor Homepage:...

0.4AI score
Exploits0
nvd
nvd
added 2013/04/25 11:55 p.m.35 views

CVE-2012-4464

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the 1 exctos or 2 nameerrtos API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...

5CVSS6.6AI score0.0218EPSS
Exploits0References7
cvelist
cvelist
added 2013/04/25 11:0 p.m.43 views

CVE-2012-4464

Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the 1 exctos or 2 nameerrtos API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE:...

6.7AI score0.0218EPSS
Exploits0References7
amazon
amazon
added 2012/10/23 12:0 a.m.46 views

Medium: ruby

Issue Overview: Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the nameerrmesgtostr API function, which marks the string as tainted, a different...

5CVSS8.5AI score0.02772EPSS
Exploits2
Rows per page
Query Builder