Lucene search
+L

72 matches found

Tenable Nessus
Tenable Nessus
added 2019/01/14 12:0 a.m.44 views

SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2019:13927-1)

This update for LibVNCServer fixes the following issues : Security issues fixed : CVE-2018-15126: Fixed use-after-free in file transfer extension bsc1120114 CVE-2018-6307: Fixed use-after-free in file transfer extension server code bsc1120115 CVE-2018-20020: Fixed heap out-of-bound write inside...

9.8CVSS7.3AI score0.26543EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2018/12/27 12:0 a.m.36 views

Debian DLA-1617-1 : libvncserver security update

Kaspersky Lab discovered several vulnerabilities in libvncserver, a C library to implement VNC server/client functionalities. CVE-2018-6307 a heap use-after-free vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be...

9.8CVSS7.6AI score0.26543EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2018/12/27 12:0 a.m.35 views

Debian: Security Advisory (DLA-1617-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.26543EPSS
Exploits0References3
CVE
CVE
added 2018/12/19 4:0 p.m.156 views

CVE-2018-6307

CVE-2018-6307 affects LibVNC/LibVNCServer. It is a heap use-after-free in the server code of the file transfer extension, which can lead to remote code execution. Connected advisories confirm the vulnerability across LibVNCServer deployments and note that fixes were applied in downstream advisori...

8.1CVSS9.1AI score0.26543EPSS
Exploits0References6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/08 4:13 a.m.38 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cloud Manager

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cloud Manager. IBM Cloud Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caus...

9.8CVSS1AI score0.95707EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:32 p.m.48 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Manager. IBM Workload Manager has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to...

10CVSS0.8AI score0.70223EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:6 p.m.42 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tealeaf Customer Experience

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience. IBM Tealeaf Customer Experience has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6304 DESCRIPTION: OpenSSL is vulnerable ...

9.8CVSS0.7AI score0.63029EPSS
Exploits3Affected Software1
Openbugbounty
Openbugbounty
added 2017/10/29 5:22 a.m.14 views

cars.com XSS vulnerability

Open Bug Bounty ID: OBB-376943 Description| Value ---|--- Affected Website:| cars.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
OpenVAS
OpenVAS
added 2017/10/27 12:0 a.m.22 views

Fedora Update for tnef FEDORA-2017-c2882ae75b

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.01934EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/10/27 12:0 a.m.44 views

Fedora Update for tnef FEDORA-2017-2b28a055f2

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.01934EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/09 12:0 a.m.21 views

Fedora 24 : tnef (2017-7de130a80d)

Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further bug fix. The tnef-dolphin file manager integration is updated to suit the kf5/qt5 base. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

7.8CVSS7.4AI score0.01411EPSS
Exploits0References2
Hacker One
Hacker One
added 2017/04/18 7:41 a.m.91 views

Internet Bug Bounty: Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)

A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being...

4.3CVSS7.6AI score0.13837EPSS
Exploits0
Debian
Debian
added 2017/03/24 9:44 p.m.86 views

[SECURITY] [DLA 839-2] tnef regression update

Package : tnef Version : 1.4.9-1+deb7u2 CVE ID : CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 Debian Bug : 857342 While fixing the above mentioned CVEs, upstream introduced a regression. The new patches added for this upload take care of that. For Debian 7 "Wheezy", these problems have...

7.8CVSS8.1AI score0.0154EPSS
Exploits0
Debian
Debian
added 2017/03/01 7:46 a.m.78 views

[SECURITY] [DSA 3798-1] tnef security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3798-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2017 https://www.debian.org/security/faq -...

7.8CVSS8.2AI score0.0154EPSS
Exploits0
Debian
Debian
added 2017/02/27 9:17 p.m.58 views

[SECURITY] [DLA 839-1] tnef security update

Package : tnef Version : 1.4.9-1+deb7u1 CVE ID : CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 CVE-2017-6307 An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controll...

7.8CVSS8.1AI score0.0154EPSS
Exploits0
CVE
CVE
added 2017/02/24 4:23 a.m.72 views

CVE-2017-6307

CVE-2017-6307 affects the tnef project (MS-TNEF MIME unpacker). The issue is two out-of-bounds writes in mapi_attr_read() (src/mapi_attr.c) that could lead to invalid read/write operations, with the advisory stating vulnerable versions up to 1.4.13 and fixes delivered in newer releases. Fedora an...

7.8CVSS7.5AI score0.01411EPSS
Exploits0References6Affected Software1
F5 Networks
F5 Networks
added 2016/10/19 12:0 a.m.67 views

SOL09422508 - OpenSSL vulnerabilities CVE-2016-6302, CVE-2016-6307, and CVE-2016-6308

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.6AI score0.26441EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/10/06 12:0 a.m.45 views

OpenSSL < 1.1.0a Multiple Vulnerabilities

Binary data 9626.prm...

7.8CVSS8.1AI score0.63029EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2016/09/30 12:0 a.m.78 views

OpenSSL 1.1.0 < 1.1.0a Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0a. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0a advisory. - The ssl3readbytes function in record/reclayers3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of...

7.8CVSS7.7AI score0.63029EPSS
Exploits3References13
UbuntuCve
UbuntuCve
added 2016/09/26 7:59 p.m.48 views

CVE-2016-6307

The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted TLS messages, related to statem/statem.c and statem/statemlib.c...

5.9CVSS6.9AI score0.13837EPSS
Exploits0References2
Rows per page
Query Builder