Lucene search
K

150 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/13 12:0 a.m.31 views

Oracle Linux 7 : firefox (ELSA-2023-5477)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5477 advisory. 115.3.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

9.8CVSS8.2AI score0.49013EPSS
Exploits3References6
Kaspersky
Kaspersky
added 2023/10/13 12:0 a.m.37 views

KLA61411 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in...

8.8CVSS8.5AI score0.0126EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2023/10/12 12:0 a.m.30 views

FreeBSD : chromium -- multiple vulnerabilities (07ee8c14-68f1-11ee-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 07ee8c14-68f1-11ee-8290-a8a1599412c6 advisory. - Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote...

8.8CVSS7.4AI score0.0126EPSS
Exploits0References16
CVE
CVE
added 2023/10/11 10:28 p.m.329 views

CVE-2023-5477

CVE-2023-5477 describes an inappropriate implementation in the Chrome/Chromium Installer prior to 118.0.5993.70 that could allow a local attacker to bypass discretionary access control via a crafted command. Connected advisories confirm affected products include Google Chrome/Chromium and note a ...

4.3CVSS5AI score0.00515EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2023/10/11 12:0 a.m.17 views

CVE-2023-5477

Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. Chromium security severity: Low...

4.3CVSS5.9AI score0.00515EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/10 12:0 a.m.55 views

Google Chrome < 118.0.5993.70 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 118.0.5993.70. It is, therefore, affected by multiple vulnerabilities as referenced in the 202310stable-channel-update-for-desktop10 advisory. - Use after free in Blink History in Google Chrome prior to 118.0.5993.70...

8.8CVSS7.2AI score0.0126EPSS
Exploits0References29
Tenable Nessus
Tenable Nessus
added 2023/10/05 12:0 a.m.45 views

RHEL 7 : firefox (RHSA-2023:5477)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS8.5AI score0.49013EPSS
Exploits3References12
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.71 views

K16909: BIND vulnerability CVE-2015-5477

Security Advisory Description An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. CVE-2015-5477 Impact A remote attacker may be able...

7.8CVSS7.2AI score0.91284EPSS
Exploits12Affected Software18
Tenable Nessus
Tenable Nessus
added 2022/10/12 12:0 a.m.28 views

Debian dla-3150 : rexical - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3150 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3150-1 [email protected] https://www.debian.org/lts/security/...

9.8CVSS8AI score0.05899EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/01 12:0 a.m.320 views

RHEL 8 : firefox (RHSA-2022:5477)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS7.7AI score0.23941EPSS
Exploits1References18
Oracle linux
Oracle linux
added 2022/02/03 12:0 a.m.199 views

bind security update

32:9.8.2-0.68.rc1.0.3.8 - Backport fix for CVE-2018-5741 Orabug: 33496185 32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215 32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749 32:9.8.2-0.68.rc1.8 - Fix...

10CVSS7.3AI score0.95182EPSS
Exploits60
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2021-0063)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.05899EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.9 views

SUSE: Security Advisory (SUSE-SU-2015:1322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.91284EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2015:1304-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.91284EPSS
Exploits12References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2015:1316-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.91284EPSS
Exploits12References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2015:1305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.91284EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2021/02/08 12:0 a.m.29 views

openSUSE Security Update : rubygem-nokogiri (openSUSE-2021-237)

This update for rubygem-nokogiri fixes the following issues: rubygem-nokogiri was updated to 1.8.5 bsc1156722. Security issues fixed : - CVE-2019-5477: Fixed a command injection vulnerability bsc1146578. - CVE-2020-26247: Fixed an XXE vulnerability in Nokogiri::XML::Schema bsc1180507. This update...

9.8CVSS6.9AI score0.05899EPSS
Exploits0References5
OSV
OSV
added 2021/02/04 1:40 p.m.7 views

MGASA-2021-0063 Updated ruby-nokogiri packages fix security vulnerabilities

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...

9.8CVSS7AI score0.05899EPSS
Exploits0References4
Mageia
Mageia
added 2021/02/04 1:40 p.m.61 views

Updated ruby-nokogiri packages fix security vulnerabilities

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...

9.8CVSS8AI score0.05899EPSS
Exploits0References3
CVE
CVE
added 2021/01/25 5:53 p.m.25 views

CVE-2020-5477

CVE-2020-5477 entry is rejected/not used per the initial description.

6.9AI score
Exploits0
Rows per page
Query Builder