Lucene search
K

66 matches found

Tenable Nessus
Tenable Nessus
added 2017/02/02 12:0 a.m.54 views

Oracle Linux 6 / 7 : libtiff (ELSA-2017-0225)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0225 advisory. - Fix patch for CVE-2016-5652 - CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 - CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 - CVE-2016-5652 Tenable has...

9.8CVSS7.7AI score0.04767EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2017/02/02 12:0 a.m.79 views

CentOS 6 / 7 : libtiff (CESA-2017:0225)

An update for libtiff is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.8CVSS8.2AI score0.04767EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2017/02/02 12:0 a.m.48 views

OracleVM 3.3 : libtiff (OVMSA-2017-0037)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix patch for CVE-2016-5652 - Related: 1412078 - Fix CWE-476 defect found by covscan - Related: 1412078 - Add patches for CVEs : - CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 - CVE-2016-9536 CVE-2016-95...

9.8CVSS7.5AI score0.04767EPSS
Exploits3References8
Oracle linux
Oracle linux
added 2017/02/01 12:0 a.m.49 views

libtiff security update

3.9.4-21 - Fix patch for CVE-2016-5652 - Related: 1412078 3.9.4-20 - Fix CWE-476 defect found by covscan - Related: 1412078 3.9.4-19 - Add patches for CVEs: - CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 - CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 - CVE-2016-5652 - Resolves: 1412078...

9.8CVSS2.2AI score0.04767EPSS
Exploits3
Debian
Debian
added 2017/01/13 3:45 p.m.50 views

[SECURITY] [DSA 3762-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3762-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 13, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.5AI score0.06471EPSS
Exploits11
OSV
OSV
added 2017/01/06 9:59 p.m.32 views

CVE-2016-5652

An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means...

7CVSS7.9AI score
Exploits0References5
CVE
CVE
added 2017/01/06 9:0 p.m.184 views

CVE-2016-5652

CVE-2016-5652 affects LibTIFF (TIFF2PDF tool). A crafted TIFF can trigger an exploitable heap-based buffer overflow in handling JPEG Compression Tables, potentially leading to remote code execution or crash via a saved TIFF file. Vulnerable components include LibTIFF and tools like tiff2pdf. Reme...

7CVSS8.4AI score0.04298EPSS
Exploits2References5Affected Software1
UbuntuCve
UbuntuCve
added 2017/01/06 12:0 a.m.29 views

CVE-2016-5652

An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means...

7CVSS7.3AI score0.04298EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2017/01/03 12:0 a.m.87 views

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2016:3301-1)

The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...

7.8CVSS7.2AI score0.06471EPSS
Exploits4References34
Debian
Debian
added 2016/11/02 12:53 p.m.157 views

[SECURITY] [DLA 693-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u7 CVE ID : CVE-2014-8128 CVE-2015-7554 CVE-2015-8668 CVE-2016-3186 CVE-2016-3619 CVE-2016-3620 CVE-2016-3621 CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-5102 CVE-2016-5318 CVE-2016-5319 CVE-2016-5652 CVE-2016-6223 CVE-2016-8331 Debian Bug...

9.8CVSS7AI score0.13722EPSS
Exploits10
UbuntuCve
UbuntuCve
added 2015/10/06 1:59 a.m.28 views

CVE-2015-5652

Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really ...

7.2CVSS7.1AI score0.0059EPSS
Exploits0References4
CVE
CVE
added 2014/09/09 1:0 a.m.29 views

CVE-2014-5652

The CVE-2014-5652 entry concerns the Android app Kicksend Photo Prints (com.kicksend.android.print) version 1.0.7. The vulnerability is an SSL verification flaw where the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and access sens...

5.4CVSS6AI score0.00297EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2013/10/13 12:0 a.m.89 views

[SECURITY] [DSA 2776-1] drupal6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2776-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 11, 2013 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.02746EPSS
Exploits1
Debian
Debian
added 2013/10/11 2:32 p.m.60 views

[SECURITY] [DSA 2776-1] drupal6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2776-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 11, 2013 http://www.debian.org/security/faq -...

6.8CVSS6.1AI score0.02746EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/01/08 12:0 a.m.27 views

Fedora Update for drupal6 FEDORA-2012-20766

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6CVSS6.5AI score0.02746EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/01/08 12:0 a.m.30 views

Fedora Update for drupal7 FEDORA-2012-20794

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS7.7AI score0.03008EPSS
Exploits1References2
CVE
CVE
added 2013/01/03 1:0 a.m.123 views

CVE-2012-5652

CVE-2012-5652 affects Drupal 6.x prior to 6.27, allowing remote attackers to disclose sensitive information about uploaded files via RSS feeds or search results. Root cause involves information disclosure in output for file-related data; no exploitation details are provided in the sources. The vu...

5CVSS5.9AI score0.02436EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/12/21 12:0 a.m.44 views

Drupal 6.x < 6.27 / 7.x < 7.18 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.27 or 7.x prior to 7.18. It is, therefore, potentially affected by multiple vulnerabilities : - An access bypass vulnerability exists that allows search results to improperly display information about blocked users...

6CVSS6.6AI score0.02746EPSS
Exploits1References4
Drupal
Drupal
added 2012/12/19 12:0 a.m.614 views

SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Access bypass User module search - Drupal 6 and 7 A vulnerability was identified that allows blocked users to appear in user search results, even when the search results are viewed by unprivileged users. This...

6CVSS6.9AI score0.02746EPSS
Exploits1References27
RedHat Linux
RedHat Linux
added 2011/03/21 5:5 p.m.7 views

Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)

Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed file...

6.8CVSS7.4AI score0.07508EPSS
Exploits1References4
Rows per page
Query Builder