Lucene search
+L

90 matches found

Tenable Nessus
Tenable Nessus
added 2020/10/07 12:0 a.m.30 views

Oracle Linux 7 : openldap (ELSA-2020-4041)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4041 advisory. 2.4.44-22 - Fix CVE-2020-12243 openldap: denial of service via nested boolean expressions in LDAP search filters 1838405 Tenable has extracted the preceding...

7.5CVSS6.6AI score0.04423EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.30 views

EulerOS 2.0 SP2 : coreutils (EulerOS-SA-2020-1663)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering...

9.8CVSS7.9AI score0.02323EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2020/06/16 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2020-1663)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02323EPSS
Exploits2References2
NVD
NVD
added 2020/06/08 10:15 p.m.24 views

CVE-2020-4041

In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject javascript code in the file name when creating/uploading the file. But, once created/uploaded, it can be renamed to inject the payload in it. Additionally, the measures to...

7.4CVSS7.3AI score0.02026EPSS
Exploits3References5
OSV
OSV
added 2020/06/08 10:15 p.m.25 views

CVE-2020-4041

In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject javascript code in the file name when creating/uploading the file. But, once created/uploaded, it can be renamed to inject the payload in it. Additionally, the measures to...

6.1CVSS6.1AI score
Exploits0References5
CVE
CVE
added 2020/06/08 10:5 p.m.184 views

CVE-2020-4041

CVE-2020-4041 (Bolt CMS) affects Bolt CMS versions before 3.7.1. The vulnerability concerns the filename of uploaded files, which is stored in a way that allows stored XSS after the file is created/uploaded. Although initial file names cannot inject JavaScript, renaming the file post-upload can i...

7.4CVSS6.1AI score0.02026EPSS
Exploits3References5Affected Software1
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2020-1374)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02323EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.30 views

EulerOS 2.0 SP3 : coreutils (EulerOS-SA-2020-1374)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering...

9.8CVSS7.9AI score0.02323EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2020/01/24 5:15 p.m.26 views

CVE-2015-4041

The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service heap-based buffer overflow and application crash ...

7.8CVSS7.3AI score0.00522EPSS
Exploits1References1
CVE
CVE
added 2020/01/24 4:59 p.m.92 views

CVE-2015-4041

CVE-2015-4041 affects GNU Coreutils (sort, sort.c, keycompare_mb) on 64-bit platforms. The vulnerability arises from a size calculation in keycompare_mb that does not account for the number of bytes occupied by multibyte UTF-8 characters, enabling a heap-based overflow under long UTF-8 strings an...

7.8CVSS9AI score0.00522EPSS
Exploits1References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/07/01 12:0 a.m.43 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel update (USN-4041-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4041-1 advisory. USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking...

7.5CVSS6.7AI score0.9166EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/06/30 12:0 a.m.63 views

Ubuntu: Security Advisory (USN-4041-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.9166EPSS
Exploits1References3
OSV
OSV
added 2019/06/29 3:23 a.m.4 views

USN-4041-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon update

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SOSNDBUF values. This update fixes the problem. We apologize for the inconvenience. Jonathan Looney discovered that t...

7.5CVSS6.7AI score0.9166EPSS
Exploits1References2
Veracode
Veracode
added 2019/05/02 4:58 a.m.36 views

Unauthorized Access

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...

10CVSS6.6AI score0.17606EPSS
Exploits0References15Affected Software1
CVE
CVE
added 2019/01/10 3:0 p.m.51 views

CVE-2018-4041

CVE-2018-4041 corresponds to a privilege-escalation in CleanMyMac X 4.04 due to improper input validation in the helper protocol’s enableLaunchdAgentAtPath function. The attack requires local access and could let a non-root user load a root-privileged launch agent, effectively enabling root-level...

7.1CVSS5.5AI score0.00309EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/03/16 2:29 p.m.3 views

CVE-2017-4041

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...

5.8AI score
Exploits0References1
CVE
CVE
added 2018/03/16 2:4 p.m.26 views

CVE-2017-4041

CVE-2017-4041 entry is rejected and not used; it does not represent an active vulnerability.

7.3AI score
Exploits0
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.10 views

CVE-2017-4041

...

Exploits0
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.103 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2018-4041)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4041 advisory. - KEYS: Remove keytype::match in favour of overriding default by matchpreparse Tim Tianyang Chen Orabug: 25757946 CVE-2017-6951 - tcp: initialize...

7.8CVSS6.9AI score0.01344EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2017/11/20 12:0 a.m.25 views

Debian DSA-4041-1 : procmail - security update

Jakub Wilk reported a heap-based buffer overflow vulnerability in procmail's formail utility when processing specially crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss. %NASLMINLEVEL 70300 C Tenable Network...

10CVSS8AI score0.12524EPSS
Exploits0References6
Rows per page
Query Builder