Lucene search
K

134 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/18 12:0 a.m.67 views

Ubuntu 14.04 LTS / 16.04 LTS : Bash vulnerabilities (USN-3294-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3294-1 advisory. Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a...

8.4CVSS7.3AI score0.06019EPSS
Exploits2References5
OSV
OSV
added 2017/05/17 5:6 p.m.6 views

USN-3294-1 bash vulnerabilities

Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. CVE-2016-0634...

8.4CVSS7AI score0.06019EPSS
Exploits2References5
Kitploit
Kitploit
added 2017/03/28 1:32 p.m.25 views

wuzz - Interactive CLI Tool for HTTP Inspection

Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests copied from the browser's network inspector with the "copy as cURL" feature. Installation and usage $ go get github.com/asciimoo/wuzz $...

7.4AI score
Exploits0References1
NVD
NVD
added 2017/03/27 3:59 p.m.26 views

CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS7.7AI score0.00425EPSS
Exploits2References4
Prion
Prion
added 2017/03/27 3:59 p.m.23 views

Authentication flaw

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

4.6CVSS7.6AI score0.00425EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2017/03/27 3:59 p.m.1 views

DEBIAN-CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS8.2AI score0.00425EPSS
Exploits2References1
OSV
OSV
added 2017/03/27 3:59 p.m.26 views

CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS6.7AI score
Exploits0References4
Debian CVE
Debian CVE
added 2017/03/27 3:0 p.m.22 views

CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS7.5AI score0.00425EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2017/03/27 12:0 a.m.28 views

CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS7.1AI score0.00425EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2017/02/09 9:48 a.m.41 views

CVE-2017-5932

The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter...

7.8CVSS7.6AI score0.00425EPSS
Exploits2References2
OwnCloud
OwnCloud
added 2017/02/02 8:46 a.m.545 views

Server: Information disclosure in email field dialog at sharing

An attacker can get sensitive information in the E-Mail share dialog with the autocompletion by default For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

4CVSS4.9AI score0.0103EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2015/07/25 12:0 a.m.10 views

lshell -- Shell autocomplete reveals forbidden directories

lshell reports: The autocomplete feature allows users to list directories, while they do not have access to those paths issue 109...

3.8AI score
Exploits0References1
Mageia
Mageia
added 2015/04/03 1:11 p.m.56 views

Updated iceape packages fix security vulnerabilities

Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors. CVE-2015-0835...

7.5CVSS9.5AI score0.06029EPSS
Exploits0References16
NVD
NVD
added 2015/02/25 11:59 a.m.20 views

CVE-2015-0822

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code...

4.3CVSS6.4AI score0.02549EPSS
Exploits0References22
Cvelist
Cvelist
added 2015/02/25 11:0 a.m.22 views

CVE-2015-0822

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code...

9.4AI score0.02549EPSS
Exploits0References22
CVE
CVE
added 2015/02/25 11:0 a.m.168 views

CVE-2015-0822

CVE-2015-0822 affects Mozilla Firefox (before 36.0) and Thunderbird (before 31.5). The flaw is in the Form Autocompletion feature, where crafted JavaScript can cause a remote attacker to read arbitrary local files. Public entries in multiple advisories confirm affected products and versions (Fire...

4.3CVSS9.2AI score0.02549EPSS
Exploits0References22Affected Software1
UbuntuCve
UbuntuCve
added 2015/02/25 12:0 a.m.28 views

CVE-2015-0822

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code...

4.3CVSS7AI score0.02549EPSS
Exploits0References4
OSV
OSV
added 2015/02/25 12:0 a.m.1 views

UBUNTU-CVE-2015-0822

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code...

4.3CVSS7AI score0.02549EPSS
Exploits0References5
NVD
NVD
added 2014/08/14 6:47 p.m.15 views

CVE-2014-5250

Unspecified vulnerability in the AJAX autocompletion callback in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to access data via unspecified vectors...

7.5CVSS6.7AI score0.02357EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/08/14 6:0 p.m.24 views

CVE-2014-5250

Unspecified vulnerability in the AJAX autocompletion callback in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to access data via unspecified vectors...

6.7AI score0.02357EPSS
Exploits0References4
Rows per page
Query Builder