Lucene search
+L

72 matches found

CVE
CVE
added 2017/04/12 10:0 p.m.72 views

CVE-2016-6348

CVE-2016-6348 is reported in RESTEasy via the JacksonJsonpInterceptor and is described in connected advisories as enabling a cross-site script inclusion (XSSI) vulnerability. The Ubuntu USN and Tenable/NASL entries enumerate RESTEasy-related CVEs together and explicitly list CVE-2016-6348 among a...

6.1CVSS6AI score0.01315EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/04/12 10:0 p.m.39 views

CVE-2016-6348

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion XSSI attack...

6.1CVSS6.3AI score0.01315EPSS
Exploits0
Cvelist
Cvelist
added 2017/04/12 10:0 p.m.32 views

CVE-2016-6348

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion XSSI attack...

6.1AI score0.01315EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/04/03 12:0 a.m.52 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-419)

The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5669: The doshmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed loca...

8.4CVSS6.9AI score0.06386EPSS
Exploits5References34
OpenVAS
OpenVAS
added 2017/04/02 12:0 a.m.286 views

openSUSE: Security Advisory for kernel (openSUSE-SU-2017:0906-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.4CVSS7.2AI score0.06386EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
added 2017/04/01 3:7 p.m.114 views

Security update for the Linux Kernel (important)

====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalizati...

7.2CVSS2.8AI score0.06386EPSS
Exploits5References18
Mageia
Mageia
added 2017/03/25 8:15 p.m.71 views

Updated kernel packages fixes security vulnerabilities

This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...

7.8CVSS4.5AI score0.01021EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2017/03/10 12:0 a.m.232 views

Debian DLA-849-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle BP and OF exceptions in an L2 neste...

7.8CVSS7.2AI score0.04666EPSS
Exploits2References10
Debian
Debian
added 2017/03/09 12:6 p.m.98 views

[SECURITY] [DLA 849-1] linux security update

Package : linux Version : 3.2.86-1 CVE ID : CVE-2016-9588 CVE-2017-2636 CVE-2017-5669 CVE-2017-5986 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or...

7.8CVSS7AI score0.04666EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/03/09 12:0 a.m.61 views

Debian DSA-3804-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. - CVE-2016-9588 Jim Mattson discovered that the KVM implementation for Intel x86 processors does not properly handle BP and OF exceptions in an L2...

7.8CVSS6.9AI score0.04666EPSS
Exploits2References20
Debian
Debian
added 2017/03/08 4:59 p.m.100 views

[SECURITY] [DSA 3804-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3804-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...

7.8CVSS8.2AI score0.04666EPSS
Exploits2
Debian
Debian
added 2017/03/08 4:59 p.m.113 views

[SECURITY] [DSA 3804-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3804-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...

7.2CVSS1AI score0.04666EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2017/03/02 5:20 p.m.32 views

CVE-2017-6348

The hashbindelete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allows local users to cause a denial of service deadlock via crafted operations on IrDA devices...

6.2CVSS4.6AI score0.00381EPSS
Exploits0References1
OSV
OSV
added 2017/03/01 8:59 p.m.6 views

CVE-2017-6348

The hashbindelete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service deadlock via crafted operations on IrDA devices...

5.5CVSS6.9AI score
Exploits0References7
CVE
CVE
added 2017/03/01 8:0 p.m.141 views

CVE-2017-6348

CVE-2017-6348 affects the Linux kernel: the hashbin_delete function in net/irda/irqueue.c improperly handles lock dropping, enabling a local user to trigger a denial of service through crafted IrDA device operations. The issue exists in kernels before 4.9.13 and is fixed by upgrading to 4.9.13 or...

5.5CVSS5.5AI score0.00381EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2016/09/01 1:48 a.m.23 views

CVE-2016-6348

It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack...

6.1CVSS1.7AI score0.01315EPSS
Exploits0References1
CVE
CVE
added 2015/10/30 10:0 a.m.59 views

CVE-2015-6348

The CVE-2015-6348 issue affects Cisco Secure Access Control Server (ACS) 5.7(0.15) where the report-generation web interface contains RBAC validation weaknesses. An authenticated remote user could access restricted report/status pages via the report-generation web interface, potentially exposing ...

4CVSS6.4AI score0.01368EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2014/11/12 12:0 a.m.53 views

Microsoft Internet Explorer Multiple Vulnerabilities (3003057)

This host is missing a critical security update according to Microsoft Bulletin MS14-065. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS5AI score0.30213EPSS
Exploits0References19
Prion
Prion
added 2014/11/11 10:55 p.m.35 views

Memory corruption

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348...

9.3CVSS7.8AI score0.15682EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/11/11 10:0 p.m.67 views

CVE-2014-6348

CVE-2014-6348 affects Microsoft Internet Explorer 9. The provided description states that remote attackers can exploit a memory corruption issue via a crafted web site to execute arbitrary code or cause a denial of service. This entry is linked to IE9 and is distinguished from CVE-2014-6342. No c...

9.3CVSS7.6AI score0.15682EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder