Lucene search
K

136 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.45 views

Fedora 29 : libssh2 (2019-f31c14682f)

This update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.3CVSS7.4AI score0.09219EPSS
Exploits0References10
ArchLinux
ArchLinux
added 2019/03/22 12:0 a.m.44 views

[ASA-201903-12] libssh2: multiple issues

Arch Linux Security Advisory ASA-201903-12 ========================================== Severity: Critical Date : 2019-03-22 CVE-ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Package : libssh2 Type : multiple issue...

9.3CVSS0.9AI score0.09219EPSS
Exploits0References29
CVE
CVE
added 2019/03/21 8:13 p.m.613 views

CVE-2019-3855

CVE-2019-3855 is a libssh2 integer overflow in the transport read path that may cause an out-of-bounds write when processing server packets. The issue appears in libssh2 prior to 1.8.1 and could enable code exposure or other impact if a user connects to a malicious SSH server. Connected advisorie...

9.3CVSS8.7AI score0.09219EPSS
Exploits0References27Affected Software1
The Hacker News
The Hacker News
added 2019/03/19 10:27 a.m.147 views

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Re...

9.3CVSS2.9AI score0.09219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/19 12:0 a.m.34 views

Slackware 14.2 / current : libssh2 (SSA:2019-077-01)

New libssh2 packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-077-01. The text itself is copyright C Slackware Linux, Inc...

9.3CVSS7.3AI score0.09219EPSS
Exploits0References10
Slackware Linux
Slackware Linux
added 2019/03/18 11:39 p.m.131 views

[slackware-security] libssh2

New libssh2 packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libssh2-1.8.1-i586-1slack14.2.txz: Upgraded. Fixed several security issues. For more information, see:...

9.3CVSS0.3AI score0.09219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/14 12:0 a.m.34 views

Ubuntu 16.04 LTS / 18.04 LTS : systemd vulnerabilities (USN-3855-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3855-1 advisory. It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could...

7.8CVSS7.3AI score0.02958EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2019/01/12 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3855-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.02958EPSS
Exploits4References2
NVD
NVD
added 2018/04/26 8:29 p.m.22 views

CVE-2018-3855

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

8.8CVSS8AI score0.01926EPSS
Exploits2References2
Cvelist
Cvelist
added 2018/04/26 8:0 p.m.31 views

CVE-2018-3855

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

8.8CVSS7.7AI score0.01926EPSS
Exploits2References2
CVE
CVE
added 2018/04/26 8:0 p.m.71 views

CVE-2018-3855

CVE-2018-3855 affects Hyland Perceptive Document Filters 11.4.0.2647. The DOC-to-HTML conversion path contains updateNumbering code that can be triggered by a crafted OpenDocument, causing a stack-based overflow/incorrect writes and remote code execution. Public writeups (Talos report TALOS-2018-...

8.8CVSS7.7AI score0.01926EPSS
Exploits2References2Affected Software1
Openbugbounty
Openbugbounty
added 2017/05/21 3:2 a.m.12 views

espnfc.com XSS vulnerability

Vulnerable URL: http://www.espnfc.com/player/127269/jordan-henderson?season=2014%27%22--!%3E%20%3C/script/%3E%3CSvg/Onload=confirmOPENBUGBOUNTY//%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2016/08/06 10:59 a.m.32 views

CVE-2016-3855

drivers/thermal/supplylmcore.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted application, aka Qualcomm...

7.8CVSS7.1AI score0.00385EPSS
Exploits0References3
CVE
CVE
added 2016/08/06 10:0 a.m.41 views

CVE-2016-3855

CVE-2016-3855 affects Qualcomm components in Android; the issue is in drivers/thermal/supply_lm_core.c where a count parameter is not validated, enabling out-of-bounds memory access and potentially a denial of service or other impact via a crafted application. The documents reference Qualcomm int...

7.8CVSS7.8AI score0.00385EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/19 11:39 p.m.9 views

images.etnet.com.hk Open Redirect vulnerability

Vulnerable URL: http://images.etnet.com.hk/ox/www/delivery/ck.php?oaparams=2bannerid=6773zoneid=0oadest=https://xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Ran...

6.9AI score
Exploits0
CVE
CVE
added 2014/08/07 10:0 a.m.44 views

CVE-2014-3855

CVE-2014-3855 affects Pyplate 0.08, where download.py is vulnerable to directory traversal via a '..' in the filename parameter, allowing remote reading of arbitrary files. The vulnerability is documented with a default CVSS v2 base score of 5.0 (Medium) and a network attack vector with low acces...

5CVSS6.8AI score0.01803EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

Oracle Database SQL Compiler Views Unauthorized Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The...

6.5CVSS0.4AI score0.15815EPSS
Exploits9
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

Oracle 9i/10g Evil Views - Change Passwords Exploit

No description provided by source. -- -- bunkerview.sql -- -- Oracle 9i/10g - evil view exploit CVE-2007-3855 -- Uses evil view to perform unauthorized password update -- -- by Andrea bunker Purificato - http://rawlab.mindcreations.com -- 37F1 A7A1 BB94 89DB A920 3105 9F74 7349 AF4C BFA2 -- -- Th...

6.5CVSS6.4AI score0.15815EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : freetype2 (openSUSE-SU-2011:0361-1)

Specially crafted font files could crash applications that use freetype2 to render the fonts CVE-2010-3814, CVE-2010-3855. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update freetype2-4080. The...

6.8CVSS5.7AI score0.05276EPSS
Exploits0References4
CVE
CVE
added 2013/09/11 10:0 a.m.72 views

CVE-2013-3855

CVE-2013-3855 affects Microsoft Word 2003 SP3/2007 SP3, Office Compatibility Pack SP3, and Word Viewer. Root cause is memory corruption via a crafted Office document, enabling remote code execution or a memory‑corruption DoS. The OpenVAS/NVD entries cite MS13-072 as the remediation path (security...

9.3CVSS7.6AI score0.20145EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder