Lucene search

4973 matches found

Cent OS
added 2014/12/04 9:58 p.m., 95 views

kernel security update

CentOS Errata and Security Advisory CESA-2014:1959 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS bas...

CVSS: 2.1, AI score: 6.7, EPSS: 0.00534
Exploits: 1, References: 7

Tenable Nessus
added 2014/11/12 12:0 a.m., 265 views

RHEL 6 : kernel (RHSA-2014:1843)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...

CVSS: 6.9, AI score: 6.3, EPSS: 0.00596
Exploits: 0, References: 10

RedHat Linux
added 2014/11/11 3:34 p.m., 66 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVSS: 6.9, AI score: 6.5, EPSS: 0.00596
Exploits: 0, References: 5

OSV
added 2014/11/05 11:55 a.m., 1 views

DEBIAN-CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

CVSS: 7.5, AI score: 7.5, EPSS: 0.03076
Exploits: 0, References: 1

Debian CVE
added 2014/11/05 11:0 a.m., 20 views

CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

CVSS: 7.5, AI score: 7.2, EPSS: 0.03076
Exploits: 0

OSV
added 2014/11/05 12:0 a.m., 3 views

UBUNTU-CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...

CVSS: 7.5, AI score: 5.9, EPSS: 0.03076
Exploits: 0, References: 4

NVD
added 2014/10/31 2:55 p.m., 14 views

CVE-2014-8577

Multiple cross-site scripting XSS vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 dataContacttitle parameter to admin/contacts/contacts/add page; 2 dataBlocktitle or 3 dataBlockalias parameter to admin/blocks/blocks/edit page; 4...

CVSS: 4.3, AI score: 5.8, EPSS: 0.0425
Exploits: 2, References: 9

Veeam
added 2014/09/30 12:0 a.m., 15 views

Forward Incremental – Animation of Method and Retention

Purpose This article is intended to document how Forward Incremental works, and how its retention is enforced. Solution There are two distinct methods of Forward Incremental: Forever Forward Incremental Forward Incremental with Periodic Fulls Forever Forward Incremental For more information...

AI score: 5.9
Exploits: 0

RedHat Linux
added 2014/09/29 7:41 p.m., 5 views

Kernel: USB serial: memory corruption flaw

A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the...

CVSS: 6.9, AI score: 6.7, EPSS: 0.00596
Exploits: 0, References: 4

RedHat Linux
added 2014/09/29 7:41 p.m., 4 views

kernel: udf: Avoid infinite loop when processing indirect ICBs

A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...

CVSS: 4.7, AI score: 6.7, EPSS: 0.0051
Exploits: 1, References: 4

Tenable Nessus
added 2014/09/23 12:0 a.m., 18 views

Fedora 21 : xen-4.4.1-2.fc21 (2014-10531)

Mishandling of uninitialised FIFO-based event channel control blocks XSA-107, CVE-2014-6268 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

CVSS: 4.9, AI score: 7.8, EPSS: 0.00415
Exploits: 0, References: 3

Xen Project
added 2014/09/09 12:30 p.m., 65 views

Mishandling of uninitialised FIFO-based event channel control blocks

ISSUE DESCRIPTION When using the FIFO-based event channels, there are no checks for the existence of a control block when binding an event or moving it to a different VCPU. This is because events may be bound when the ABI is in 2-level mode e.g., by the toolstack before the domain is started. The...

CVSS: 4.9, AI score: 6.2, EPSS: 0.00415
Exploits: 0, Affected Software: 1

Oracle linux
added 2014/09/04 12:0 a.m., 81 views

kernel security and bug fix update

kernel 2.6.18-371.12.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...

CVSS: 3.3, AI score: 7.1, EPSS: 0.0036
Exploits: 0

OSV
added 2014/07/17 5:10 a.m., 1 views

DEBIAN-CVE-2013-5855

Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not perform appropriate encoding when a 1 tag or 2 EL expression is used after a script or style block, which allows remote attackers to conduct cross-site scripting XSS attacks via application-specific vectors...

CVSS: 4.3, AI score: 6.1, EPSS: 0.04715
Exploits: 0, References: 1

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Geeklog <= 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit

No description provided by source. ?php / Geeklog = 1.5.2 savepreferences/blocks remote sql injection exploit by Nine:Situations:Group::bookoo our site: http://retrogod.altervista.org/ software site: http://www.geeklog.net/ PHP and MySQL version independent vulnerability, see usersettings.php nea...

AI score: 6.7
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

WordPress Global Content Blocks plugin <= 1.2 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Global Content Blocks plugin = 1.2 SQL Injection Vulnerability Date: 2011-08-18 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/global-content-blocks.1.2.zip Version: 1....

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 12 views

PostNuke 0.75/0.76 Blocks Module Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13636/info PostNuke Blocks module is affected by a directory traversal vulnerability. The problem presents itself when an attacker passes a name for a target file, along with directory traversal sequences, to the affected...

AI score: 7.1
Exploits: 0

OSV
added 2014/06/26 12:0 a.m., 3 views

UBUNTU-CVE-2014-3471

Use-after-free vulnerability in hw/pci/pcie.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU instance crash via hotplug and hotunplug operations of Virtio block devices...

CVSS: 5.5, AI score: 6.4, EPSS: 0.00396
Exploits: 0, References: 4

UbuntuCve
added 2014/05/19 2:55 p.m., 28 views

CVE-2013-4431

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the block id in an edit request...

CVSS: 5.5, AI score: 6, EPSS: 0.01265
Exploits: 0, References: 2

Prion
added 2014/05/19 2:55 p.m., 14 views

Cross site request forgery (csrf)

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the block id in an edit request...

CVSS: 5.5, AI score: 6.8, EPSS: 0.01265
Exploits: 0, References: 5, Affected Software: 1