CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ThreatPost•added 2015/08/17 12:30 p.m.•21 views

AT&T Facilitated NSA Surveillance Efforts

Telecommunication giant AT&T facilitated, to a larger degree than any other provider, the National Security Agency’s surveillance reach beyond domestic telephone data collection to email and Internet traffic, companion New York Times and ProPublica articles said on Saturday. It’s probably the...

6.9AI score

Exploits0References10

CNVD•added 2015/08/12 12:0 a.m.•2 views

GNU GCC Local Integer Overflow Vulnerability

GCC GNU Compiler Collection, GNU Compiler Suite is a set of compilers developed by GNU Engineering that supports a wide range of programming languages. A native integer overflow vulnerability exists in GNU GCC. Allowing an attacker to execute arbitrary code in the context of an application. A...

7.8CVSS8AI score0.00265EPSS

Exploits1References1

The Hacker News•added 2015/08/05 10:43 p.m.•7 views

Tip — Installing Windows 10‬? Fix 35+ Privacy Issues With Just One Click

So you finally upgraded your system to Windows 10 and became one those 70 Million users. No doubt, Windows 10 is the Windows best version released by Microsoft, but you need to know that it does not offer much privacy by default. Windows 10 is making many headlines these days, even it made me to...

6.5AI score

Atlassian•added 2015/08/04 1:6 p.m.•30 views

Workbox Plugin loads full HTML of JIRA comment, leads to GC loop of death on large comment

To reproduce: start Confluence with GC logging enabled optional, but helps Link Confluence and JIRA create an issue in JIRA watch it add a large comment to the JIRA issue, e.g. paste a 7.7MB log file between \code\ tags open the workbox in Confluence optional: in network tab of web developer tool...

7.2AI score

Exploits0Affected Software1

ThreatPost•added 2015/07/28 9:25 a.m.•26 views

NSA Says It Will End Access to 215 Records When Authority Ends in November

The National Security Agency says that once its legal authority to conduct Section 215 bulk telephone surveillance ends on Nov. 29, its analysts no longer will be allowed to access the database that holds all of the collected Section 215 records. In May, an appeals court ruled that bulk telephone...

0.8AI score

Exploits0References5

The Hacker News•added 2015/07/27 11:12 p.m.•12 views

NSA to Destroy Bulk Collection of Surveillance Data

The National Security Agency will restrict access to, and ultimately destroy, millions of US phone records previously collected by the spy agency, the Office of the Director of National Intelligence ODNI announced Monday. The federal law was passed in June ending the NSA’s bulk collection of U.S...

6.8AI score

RedHat Linux•added 2015/07/27 9:8 a.m.•1 views

chromium-browser: v8 denial of service

The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service application crash via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of...

5CVSS5.9AI score0.01482EPSS

NVD•added 2015/07/23 12:59 a.m.•20 views

CVE-2015-5605

5CVSS6.1AI score0.01482EPSS

Exploits0References8

Prion•added 2015/07/23 12:59 a.m.•13 views

Stack overflow

5CVSS6.6AI score0.01482EPSS

Exploits0References8Affected Software2

UbuntuCve•added 2015/07/22 12:0 a.m.•22 views

CVE-2015-5605

5CVSS7.2AI score0.01482EPSS

Exploits0References3

OSV•added 2015/07/22 12:0 a.m.•2 views

UBUNTU-CVE-2015-5605

5CVSS7.3AI score0.01482EPSS

CNVD•added 2015/07/03 12:0 a.m.•1 views

EMC Isilon OneFS Command Injection Vulnerability

The EMC Isilon OneFS Operating System is an intelligent file system that combines a file system, volume manager and data protection. The EMC Isilon OneFS web management interface fails to properly filter input when invoked to perform log collection, which could allow a malicious user to execute...

9CVSS7.3AI score0.00857EPSS

Zero Day Initiative•added 2015/07/01 12:0 a.m.•15 views

Apple OS X morx nSubtables Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of font...

6.8CVSS5.4AI score0.02022EPSS

ThreatPost•added 2015/06/29 10:7 a.m.•11 views

Searches for Pirated Content Lead to Pain and Little Gain

People love to try and get something for nothing, especially on the Internet where there’s all kinds of things available for nothing. But a lot of those free things are illegal and attackers have become very adept at taking advantage of users’ desire for free episodes of Gilmore Girls or bonus...

1.1AI score

CNVD•added 2015/06/26 12:0 a.m.•1 views

WordPress History Collection Plugin Arbitrary File Download Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An arbitrary file download vulnerability in the WordPress History Collectio plugin allows remote attackers to exploit the vulnerability by submitting a special...

7AI score

RedHat Linux•added 2015/06/23 8:46 a.m.•1 views

kernel: use-after-free during key garbage collection

A race condition flaw was found in the way the Linux kernel keys management subsystem performed key garbage collection. A local attacker could attempt accessing a key while it was being garbage collected, which would cause the system to crash...

6.9CVSS6.3AI score0.00111EPSS

RedHat Linux•added 2015/06/23 8:28 a.m.•1 views

kernel: use-after-free during key garbage collection

6.9CVSS6.3AI score0.00111EPSS

RedHat Linux•added 2015/06/23 8:24 a.m.•2 views

kernel: use-after-free during key garbage collection

6.9CVSS6.3AI score0.00111EPSS

The Hacker News•added 2015/06/22 9:33 p.m.•15 views

How Google Is Tracking Your Movie and Event Activities

No doubt, You must be aware that Google tracks you, but what you probably did not realize is how precisely and till what extent it tracks you. Well, Google knows which movies I watched where, when, at what time and with how many of my friends, and knows it so well — even my eyebrows raised slight...

6.5AI score