Lucene search
K

151 matches found

Tenable Nessus
Tenable Nessus
added 2021/12/06 12:0 a.m.60 views

Google Chrome < 96.0.4664.93 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.93. It is, therefore, affected by multiple vulnerabilities as referenced in the 202112stable-channel-update-for-desktop advisory. - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a...

8.8CVSS7.7AI score0.02073EPSS
Exploits0References37
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/08 8:26 p.m.43 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to a denial of service vulnerability in Angular.js

Summary A denial of service vulnerability in Angular.js used by IBM InfoSphere Information Analyzer was addressed. Vulnerability Details CVEID: CVE-2016-4055 DESCRIPTION: The Node.js moment module is vulnerable to a denial of service, caused by an error in the regular expression implementation. A...

7.8CVSS1.7AI score0.09905EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.45 views

RHEL 6 : qemu-kvm (RHSA-2020:4055)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4055 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...

5CVSS6.9AI score0.05447EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.29 views

RHEL 7 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:4055)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:4055 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.9CVSS6.3AI score0.02698EPSS
Exploits0References10
CVE
CVE
added 2019/04/19 4:20 p.m.78 views

CVE-2019-4055

Summary: CVE-2019-4055 affects IBM MQ versions 8.0.0.0–8.0.0.10, 9.0.0.0–9.0.0.5, and 9.1.0.0–9.1.1, enabling a denial-of-service through the TLS key renegotiation function. The root cause is a weakness in TLS renegotiation handling. Impact (as described): DoS affecting MQ services. Remediation/F...

7.5CVSS7.1AI score0.02487EPSS
Exploits0References3Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/16 4:30 p.m.27 views

Security Bulletin: IBM MQ and IBM MQ Appliance are vulnerable to a denial of service attack within the TLS key renegotiation functions (CVE-2019-4055)

Summary A vulnerability was discovered within the TLS key renegotiation functions which could be exploited to execute a denial of service attack against an IBM MQ queue manager. Vulnerability Details CVEID: CVE-2019-4055 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack within the T...

7.5CVSS2.3AI score0.02487EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2019/04/02 12:0 a.m.124 views

Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

7.8CVSS6.8AI score0.17139EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.66 views

Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 8.3.0. It is, therefore, affected by: - An information disclosure vulnerability exists in OpenSSL. A remote attacker may be able to obtain sensitive information, caused by the failure to...

7.8CVSS6.4AI score0.17139EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/03/08 8:0 p.m.21 views

CVE-2018-4055

A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to successful...

7.1CVSS5.5AI score0.00522EPSS
Exploits1References1
CVE
CVE
added 2019/03/08 8:0 p.m.51 views

CVE-2018-4055

Pixar Renderman for macOS contains a local privilege escalation in the install helper. The Mac version 22.2.0’s install helper Dispatch function does not verify the caller, allowing a local attacker to read any root file from the filesystem. Exploitation requires local access; impact is root-leve...

7.1CVSS5.5AI score0.00522EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.68 views

Oracle Primavera Unifier Multiple Vulnerabilities (July 2018 CPU)

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.0, 17.x prior to 17.12.7.0, or 18.x prior to 18.7.0.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for the...

7.8CVSS6.3AI score0.2258EPSS
Exploits2References8
Debian CVE
Debian CVE
added 2018/03/04 9:0 p.m.38 views

CVE-2017-18214

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...

7.5CVSS5.5AI score0.03673EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2017/10/24 6:33 p.m.5 views

2ch (>=0.1.0 <=0.1.3), 3loc (>=0.2.0 <=0.4.0) +1296 more potentially affected by CVE-2016-4055 via moment (>=1.0.0 <=2.11.1)

moment NPM version =1.0.0, =0.1.0, =0.2.0, =0.0.13, =1.0.0, =0.2.11, =1.0.1, =1.0.33, =0.0.15, =1.2.6, =2.1.7 and more Source cves: CVE-2016-4055 Source advisory: OSV:GHSA-87VV-R9J6-G5QV...

7.8CVSS6.5AI score0.09905EPSS
Exploits1
CVE
CVE
added 2017/07/12 3:0 p.m.57 views

CVE-2017-4055

CVE-2017-4055 affects McAfee Advanced Threat Defense (ATD) Web Interface, with versions 3.10, 3.8, 3.6, and 3.4. The issue is a vulnerability in authentication/authorization enforcement that lets remote unauthenticated users bypass ATD detection via loose authentication checks, enabling bypass of...

7.5CVSS7.8AI score0.01245EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/01/23 9:59 p.m.31 views

CVE-2016-4055

The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service CPU consumption via a long string, aka a "regular expression Denial of Service ReDoS."...

7.8CVSS6.8AI score0.09905EPSS
Exploits1References2
CVE
CVE
added 2017/01/23 9:0 p.m.233 views

CVE-2016-4055

Moment.js (Node.js) is affected by CVE-2016-4055 due to a vulnerability in its regular expression handling that can enable a DoS (high CPU usage) via crafted input. Public details show the issue as a ReDoS against the moment package prior to 2.11.2, with remediation requiring upgrading to a patch...

7.8CVSS6.5AI score0.09905EPSS
Exploits1References9Affected Software1
OpenVAS
OpenVAS
added 2014/08/13 12:0 a.m.98 views

Microsoft Internet Explorer Multiple Vulnerabilities (2976627)

This host is missing a critical security update according to Microsoft Bulletin MS14-051. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS7.4AI score0.26349EPSS
Exploits0References33
CVE
CVE
added 2014/08/12 9:0 p.m.76 views

CVE-2014-4055

Microsoft Internet Explorer 10/11 memory corruption vulnerability (CVE-2014-4055) can enable remote code execution or DoS when visiting a crafted site. Affected: IE 10–11. Root cause: memory corruption in IE’s handling of web content. Public exploits exist (SecurityVulns doc), and related advisor...

9.3CVSS7.7AI score0.16528EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/12/03 12:0 a.m.117 views

IBM Domino Web Administrator Multiple Vulnerabilities

The remote IBM Domino web server includes IBM Domino Web Administrator webadmin.nsf and is affected by multiple vulnerabilities : - An authenticated user can exploit an unspecified cross- site request forgery CSRF vulnerability by enticing a user to follow a specially crafted URL. CVE-2013-4050 -...

6CVSS5.2AI score0.00759EPSS
Exploits0References5
CVE
CVE
added 2013/11/08 2:0 a.m.56 views

CVE-2013-4055

CVE-2013-4055 is an XSS vulnerability in IBM Domino Domino Web Administrator (webadmin.nsf) affecting Domino 8.5 and 9.0. The issue permits remote authenticated users to inject arbitrary scripts/HTML via unspecified vectors; the exact exploitation path is not detailed in the provided documents. T...

3.5CVSS5.2AI score0.00759EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder