Lucene search
K

4967 matches found

The Hacker News
The Hacker News
added 2015/07/08 11:15 p.m.21 views

Micro:bit — A Pocket-sized Programmable Computer

The BBC has unveiled the final design of the Micro:bit — a pocket-sized computer board designed to lure U.K. school children to embedded electronics. The Micro:bit is essentially a codeable computer that lets kids get creative with technology. It measures 5cm by 4cm and will be available in...

6.7AI score
Exploits0
NVD
NVD
added 2015/06/15 2:59 p.m.12 views

CVE-2015-4367

Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...

3.5CVSS5.3AI score0.00965EPSS
Exploits0References5
Prion
Prion
added 2015/06/15 2:59 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...

3.5CVSS5.6AI score0.00965EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/06/15 2:0 p.m.19 views

CVE-2015-4367

Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...

5.3AI score0.00965EPSS
Exploits0References5
CNVD
CNVD
added 2015/06/05 12:0 a.m.2 views

Moodle 'lib/moodlelib.php' Sensitive Information Disclosure Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A sensitive information disclosure vulnerability exists in the Moodle 'lib/moodlelib.php' script. As the theme uses the blocks-regions...

4.3CVSS6.3AI score0.01876EPSS
Exploits0References1
OSV
OSV
added 2015/06/01 7:59 p.m.1 views

UBUNTU-CVE-2015-2270

lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote attackers to obtain sensitive course...

4.3CVSS5.8AI score0.01876EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2015/05/18 12:0 a.m.5 views

Microsoft Internet Explorer MHTML Content Blocks Information Disclosure - Ver2 (CVE-2011-0096)

MHTML MIME Encapsulation of Aggregate HTML is an Internet standard that defines the MIME structure that is used to wrap HTML content. An information disclosure vulnerability has been reported in Microsoft Windows MHTML protocol. The vulnerability is due to the way MHTML interprets MIME-formatted...

4.3CVSS5.6AI score0.46819EPSS
Exploits1
Packet Storm
Packet Storm
added 2015/03/22 12:0 a.m.26 views

PHP unserialize() Use-After-Free

Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with a specially defined object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/03/21 12:0 a.m.34 views

Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting

Exploit Title: Persistent XSS via Markdown on Telescope = 0.9.2 Date: Aug 22 2014 Exploit Author: shubs Vendor Homepage: http://www.telescopeapp.org/ Software Link: https://github.com/TelescopeJS/Telescope Version: = 0.9.2 CVE : CVE-2014-5144 Telescope 0.9.2 and below suffer from a persistent cro...

5.4CVSS5.8AI score0.01995EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2015/03/03 12:49 p.m.1 views

Kernel: USB serial: memory corruption flaw

A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the...

6.9CVSS6.7AI score0.00596EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2015/02/20 12:0 a.m.25 views

PHP DateTimeZone Type Confusion Infoleak

Type Confusion Infoleak Vulnerability in unserialize with DateTimeZone Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A Type Confusion Vulnerability was discovered in unserialize with DateTimeZone object's wakeup magic method that can be abused for leaking arbitrary memory blocks...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2014/12/16 7:12 p.m.3 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/12/09 8:33 p.m.3 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

4.7CVSS6.7AI score0.0051EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/12/08 12:0 a.m.43 views

Cisco ASA SSL VPN Memory Blocks Exhaustion DoS (CSCuq68888)

According to its banner, the version of the Cisco ASA software on the remote device is affected by a vulnerability in the SSL VPN feature due to improper implementation of memory blocks allocation when processing crafted HTTP packets. A remote, unauthenticated attacker can exploit this issue by...

5CVSS5.5AI score0.01698EPSS
Exploits0References3
Cent OS
Cent OS
added 2014/12/04 9:58 p.m.94 views

kernel security update

CentOS Errata and Security Advisory CESA-2014:1959 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS bas...

2.1CVSS6.7AI score0.00534EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.265 views

RHEL 6 : kernel (RHSA-2014:1843)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...

6.9CVSS6.3AI score0.00596EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2014/11/11 3:34 p.m.66 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

6.9CVSS6.5AI score0.00596EPSS
Exploits0References5
OSV
OSV
added 2014/11/05 11:55 a.m.1 views

DEBIAN-CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

7.5CVSS7.5AI score0.03076EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2014/11/05 11:0 a.m.20 views

CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

7.5CVSS7.2AI score0.03076EPSS
Exploits0
OSV
OSV
added 2014/11/05 12:0 a.m.2 views

UBUNTU-CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

7.5CVSS5.9AI score0.03076EPSS
Exploits0References4
Rows per page
Query Builder