Lucene search
+L

59 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/17 12:0 a.m.59 views

Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3293-1)

Dmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service memory consumption in the host OS. CVE-2017-2596 Dmitry Vyukov discovered that the generic SCSI sg subsystem i...

7.8CVSS7.4AI score0.00414EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/05/16 12:0 a.m.84 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1301-1)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Notable new features : - Toleration of newer crypto hardware for z Systems - USB 2.0 Link power management for Haswell-ULT The following security bugs were fixed : - CVE-2017-7308: The packetsetring...

7.8CVSS7.1AI score0.17827EPSS
Exploits34References96
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.9 views

CVE-2016-7261

...

Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/08 12:0 a.m.60 views

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to receive various security and bugfixes. Notable new/improved features : - Improved support for Hyper-V - Support for Matrox G200eH3 - Support for tcpwestwood The following security bugs were fixed : - CVE-2017-2671: The pingunhash...

7.8CVSS7AI score0.17827EPSS
Exploits30References119
OSV
OSV
added 2017/05/05 8:13 a.m.11 views

SUSE-SU-2017:1183-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to receive various security and bugfixes. Notable new/improved features: - Improved support for Hyper-V - Support for Matrox G200eH3 - Support for tcpwestwood The following security bugs were fixed: - CVE-2017-2671: The pingunhash...

7.8CVSS8.5AI score0.17827EPSS
Exploits30References102
Tenable Nessus
Tenable Nessus
added 2017/05/02 12:0 a.m.82 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-532)

The openSUSE Leap 42.2 kernel was updated to 4.4.62 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service API operation calling its own callback, and infinite recursion ...

7.8CVSS6.8AI score0.17827EPSS
Exploits29References69
OpenVAS
OpenVAS
added 2017/05/02 12:0 a.m.43 views

openSUSE: Security Advisory for kernel (openSUSE-SU-2017:1140-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.5AI score0.17827EPSS
Exploits29References1
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.59 views

Debian DLA-922-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. CVE-2016-2188 Ralf Spenneberg of OpenSource Security reported that the iowarrior device driver did not sufficiently validate USB descriptors. This...

7.8CVSS6.9AI score0.17827EPSS
Exploits30References17
Debian
Debian
added 2017/04/28 12:39 p.m.142 views

[SECURITY] [DLA 922-1] linux security update

Package : linux Version : 3.2.88-1 CVE ID : CVE-2016-2188 CVE-2016-9604 CVE-2016-10200 CVE-2017-2647 CVE-2017-2671 CVE-2017-5967 CVE-2017-5970 CVE-2017-6951 CVE-2017-7184 CVE-2017-7261 CVE-2017-7273 CVE-2017-7294 CVE-2017-7308 CVE-2017-7472 CVE-2017-7616 CVE-2017-7618 Several vulnerabilities have...

7.8CVSS7.1AI score0.17827EPSS
Exploits30
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.288 views

Fedora 25 : kernel (2017-93dec9eba5)

The 4.10.8 stable update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.8CVSS6.6AI score0.01798EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.55 views

Fedora 24 : kernel (2017-02174df32f)

The 4.10.8 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.8CVSS6.6AI score0.01798EPSS
Exploits4References4
OSV
OSV
added 2017/03/24 9:59 p.m.9 views

CVE-2017-7261

The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service ZEROSIZEPTR dereference, and GPF and possibly panic via a crafted ioctl cal...

5.5CVSS6.4AI score
Exploits0References4
CVE
CVE
added 2017/03/24 9:0 p.m.140 views

CVE-2017-7261

CVE-2017-7261 affects the Linux kernel driver vmwgfx. The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c does not check for a zero value of certain levels data, allowing a local user to cause a denial of service (ZERO_SIZE_PTR dereference, GP fault, and potentially a...

5.5CVSS5.6AI score0.00366EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2016/02/27 2:0 a.m.58 views

CVE-2015-7261

CVE-2015-7261 affects QNAP iArtist Lite before 1.4.54 (bundled with Signage Station before 2.0.1). The FTP service contains hardcoded credentials, enabling remote access via TCP port 21. Root cause is hard-coded FTP accounts/passwords in iArtist Lite used by Signage Station; impact is unauthorize...

9.8CVSS9.2AI score0.01598EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2014/12/12 12:59 a.m.16 views

CVE-2014-7261

Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...

4.3CVSS5.5AI score0.01148EPSS
Exploits0References3
Prion
Prion
added 2014/12/12 12:59 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...

4.3CVSS5.9AI score0.01502EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/12/12 12:0 a.m.25 views

CVE-2014-7261

Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...

5.5AI score0.01148EPSS
Exploits0References3
CVE
CVE
added 2014/12/12 12:0 a.m.43 views

CVE-2014-7261

CVE-2014-7261 affects i-HTTPD (Windows) via a flaw in processing the HTTP header that can lead to cross-site scripting (CWE-79). The connected JVN entry explicitly documents an XSS in the HTTP header handling and notes that this vulnerability is distinct from CVE-2014-7263 (directory-index render...

4.3CVSS5.6AI score0.01148EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/09/20 9:0 p.m.60 views

CVE-2008-7261

The CVE-2008-7261 entry affects IBM FileNet P8 Application Engine (P8AE) Workplace (WP) component, specifically version 3.5.1 prior to 3.5.1-010. The issue arises because DEBUG messages containing user credentials are written into the log4j.xml file, potentially allowing local users to read sensi...

2.1CVSS5.7AI score0.00346EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder