Lucene search
K

82 matches found

seebug.org
seebug.org
added 2017/10/20 12:0 a.m.64 views

Libarchive mtree parse_device Code Execution Vulnerability(CVE-2016-4301)

SUMMARY An exploitable stack based buffer overflow vulnerability exists in the mtree parsedevice functionality of libarchive. A specially crafted mtree file can cause a buffer overflow resulting in memory corruption/code execution. An attacker can send a malformed file to trigger this...

6.8CVSS8.2AI score0.03716EPSS
Exploits2
OSV
OSV
added 2016/09/21 2:25 p.m.10 views

CVE-2016-4301

Stack-based buffer overflow in the parsedevice function in archivereadsupportformatmtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file...

7.8CVSS7.9AI score
Exploits0References8
CVE
CVE
added 2016/09/21 2:0 p.m.71 views

CVE-2016-4301

CVE-2016-4301 : A stack-based buffer overflow in the libarchive library’s mtree parser (archive_read_support_format_mtree.c, parse_device) allows remote attackers to execute arbitrary code when processing crafted mtree files. Affected: libarchive prior to 3.2.1. Mitigation: upgrade to 3.2.1 or ne...

7.8CVSS8AI score0.03716EPSS
Exploits2References8Affected Software1
Debian CVE
Debian CVE
added 2016/09/21 2:0 p.m.49 views

CVE-2016-4301

Stack-based buffer overflow in the parsedevice function in archivereadsupportformatmtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file...

7.8CVSS8.2AI score0.03716EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2016/08/16 12:0 a.m.38 views

openSUSE Security Update : libarchive (openSUSE-2016-969)

libarchive was updated to fix 20 security issues. These security issues were fixed : - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921...

7.8CVSS7AI score0.11992EPSS
Exploits14References40
OPENSUSE Linux
OPENSUSE Linux
added 2016/08/11 5:13 p.m.45 views

Security update for libarchive (important)

libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921:...

1.4AI score0.11992EPSS
Exploits14References20
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.33 views

Gentoo Security Advisory GLSA 201310-21

Gentoo Linux Local Security Checks GLSA 201310-21 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.4AI score0.02683EPSS
Exploits4References1
NVD
NVD
added 2015/08/19 3:59 p.m.22 views

CVE-2015-4301

Cisco NX-OS on Nexus 9000 devices 11.11c allows remote authenticated users to cause a denial of service device hang via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225...

6.8CVSS6.3AI score0.01742EPSS
Exploits0References2
CVE
CVE
added 2015/08/19 3:0 p.m.67 views

CVE-2015-4301

Cisco Nexus 9000 Series NX-OS (Nexus 9000 devices, 11.1(1c)) is affected by CVE-2015-4301. The issue allows a remote authenticated attacker to cause a denial of service (device hang) by copying large files to the device filesystem, via Bug CSCuu77225. Exploitation requires valid credentials and t...

6.8CVSS6.5AI score0.01742EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/11/23 7:59 p.m.30 views

Design/Logic Flaw

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292,...

6.8CVSS5.6AI score0.02282EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2013/10/27 12:55 a.m.7 views

CVE-2013-4301

includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "" open angle bracket character in the lang parameter to w/load.php, which reveals the installation pat...

6AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2013/10/27 12:55 a.m.25 views

CVE-2013-4301

includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "" open angle bracket character in the lang parameter to w/load.php, which reveals the installation pat...

5CVSS5.9AI score0.02084EPSS
Exploits1References2
CVE
CVE
added 2013/10/27 12:0 a.m.57 views

CVE-2013-4301

MediaWiki information disclosure CVE-2013-4301 affects ResourceLoaderContext.php in MediaWiki 1.19.x (before 1.19.8), 1.20.x (before 1.20.7), and 1.21.x (before 1.21.2). A remote attacker can cause the installation path to be revealed in an error message by supplying a “

5CVSS5.9AI score0.02084EPSS
Exploits1References9Affected Software1
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.30 views

Fedora Update for mediawiki FEDORA-2013-15994

Check for the Version of mediawiki OpenVAS Vulnerability Test Fedora Update for mediawiki FEDORA-2013-15994 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

6.8CVSS6.5AI score0.02344EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.36 views

Fedora Update for mediawiki FEDORA-2013-15984

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.02084EPSS
Exploits2References2
Mageia
Mageia
added 2013/09/13 8:15 p.m.40 views

Updated mediawiki package fixes security vulnerabilities

Full path disclosure in MediaWiki before 1.20.7, when an invalid language is specified in ResourceLoader CVE-2013-4301. Several API modules in MediaWiki before 1.20.7 allowed anti-CSRF tokens to be accessed via JSONP CVE-2013-4302. An issue with the MediaWiki API in MediaWiki before 1.20.7 where ...

6.1CVSS4.2AI score0.02084EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2013/02/22 12:0 a.m.100 views

Oracle Java SE Multiple Vulnerabilities (February 2013 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 13 or 6 Update 39, or is earlier than or equal to 5 Update 38 or 1.4.2 Update 40. It is, therefore, potentially affected by security issues in the following components : - 2D - AW...

10CVSS7.3AI score0.89987EPSS
Exploits10References53
CVE
CVE
added 2013/02/02 12:0 a.m.67 views

CVE-2012-4301

CVE-2012-4301 involves the Oracle JavaFX component in Java SE/JavaFX up to version 2.2.4 and earlier. The entry describes an unspecified vulnerability that could affect confidentiality, integrity, and availability via unknown vectors, with a note from third‑party claims that it may permit remote ...

10CVSS7AI score0.08267EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2012/07/11 10:26 a.m.25 views

CVE-2011-4301

The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which allows remote attackers to submit unexpected form content by modifying the values of constant...

5CVSS5.9AI score0.02102EPSS
Exploits0References1
CVE
CVE
added 2012/07/11 10:0 a.m.66 views

CVE-2011-4301

The CVE-2011-4301 issue affects Moodle’s Forms Library (MoodleQuickForm in lib/formslib.php) where the Forms API setConstant operation is not recognized. This allows remote attackers to submit unexpected form content by modifying constant field values. Affected versions are Moodle 1.9.x prior to ...

5CVSS6.6AI score0.02102EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder