Lucene search
K

4967 matches found

OSV
OSV
added 2017/03/16 2:59 p.m.16 views

CVE-2017-6379

Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that users would have to know the block ID...

7.5CVSS6.5AI score
Exploits0References3
OSV
OSV
added 2017/03/15 8:8 p.m.6 views

USN-3234-2 linux-lts-xenial vulnerabilities

USN-3234-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not...

4.9CVSS6.7AI score0.00428EPSS
Exploits0References3
0day.today
0day.today
added 2017/03/04 12:0 a.m.23 views

WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Request Forgery in Global Content Blocks WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/03/03 12:0 a.m.41 views

WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery

------------------------------------------------------------------------ Cross-Site Request Forgery in Global Content Blocks WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

0.2AI score
Exploits0
WPVulnDB
WPVulnDB
added 2017/03/01 12:0 a.m.6 views

Global Content Blocks - Cross-Site Request Forgery (CSRF)

The global-content-blocks WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...

3.3AI score
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.37 views

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinglobalcontentblockswordpressplugin.html Abstract It was discovered that the Global Content Blocks WordPress Plugin is vulnerable to Cross-Site Request...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/01 12:0 a.m.34 views

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery

!-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinglobalcontentblockswordpressplugin.html Abstract It was discovered that the Global Content Blocks WordPress Plugin is vulnerable to Cross-Site Request Forgery. Amongst others, this issue can be used to update a content block t...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/03/01 12:0 a.m.31 views

WordPress Global Content Blocks 2.1.5 Plugin - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinglobalcontentblockswordpressplugin.html Abstract It was discovered that the Global Content Blocks WordPress Plugin is vulnerable to Cross-Site Request Forgery. Amongst...

7.1AI score
Exploits0
OSV
OSV
added 2017/02/28 7:59 p.m.4 views

CVE-2017-5682

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

7.3CVSS5.8AI score0.00973EPSS
Exploits0References2
Prion
Prion
added 2017/02/28 7:59 p.m.14 views

Code injection

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

9.3CVSS7.1AI score0.00973EPSS
Exploits0References2Affected Software12
Intel
Intel
added 2017/02/28 12:0 a.m.26 views

Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.

Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...

7.3AI score
Exploits0
OSV
OSV
added 2017/01/31 10:59 p.m.3 views

DEBIAN-CVE-2016-6329

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack...

5.9CVSS6.8AI score0.0594EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2016/11/15 12:0 a.m.97 views

kernel security and bug fix update

2.6.32-642.11.1 - mm close FOLL MAPPRIVATE race Larry Woodman 1385116 1385117 CVE-2016-5195 2.6.32-642.10.1 - scsi fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer Maurizio Lombardi 1382620 1341298 2.6.32-642.9.1 - net vlan: Fix FCOEMTU support Maurizio Lombardi 1381592...

7.8CVSS0.1AI score0.83524EPSS
Exploits83
Prion
Prion
added 2016/11/04 9:59 p.m.29 views

Cross site request forgery (csrf)

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

2.1CVSS6.4AI score0.00386EPSS
Exploits0References10Affected Software5
OSV
OSV
added 2016/11/04 9:59 p.m.2 views

ALPINE-CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.4AI score0.00386EPSS
Exploits0References1
OSV
OSV
added 2016/11/04 9:59 p.m.1 views

DEBIAN-CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.8AI score0.00386EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2016/11/04 9:0 p.m.59 views

CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.4AI score0.00386EPSS
Exploits0
OSV
OSV
added 2016/11/04 12:0 a.m.4 views

UBUNTU-CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.9AI score0.00386EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/09/12 7:39 p.m.5 views

openjpeg: heap overflow in parsing of JPEG2000 code blocks

An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium. A specially crafted JPEG2000 image could cause an incorrect calculation when allocating memory for code blocks, which could lead to a crash, or potentially, code execution...

8.8CVSS7.5AI score0.01963EPSS
Exploits0References5
CNVD
CNVD
added 2016/08/03 12:0 a.m.3 views

Android System UI Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. system UI is the system interface that comes with Android. A denial of service vulnerability exists in System UI in Android. An attacker can exploit this vulnerability by using a...

5.5CVSS6.7AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder