Lucene search
+L

229 matches found

RedHat Linux
RedHat Linux
added 2013/05/28 5:21 p.m.28 views

Moderate: Red Hat Security Advisory: haproxy security update

An updated haproxy package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5.1CVSS6.4AI score0.05464EPSS
Exploits0References3
NVD
NVD
added 2013/03/27 9:55 p.m.22 views

CVE-2013-1859

The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecified vectors...

6.4CVSS6.7AI score0.02782EPSS
Exploits0References5
Prion
Prion
added 2013/03/27 9:55 p.m.13 views

Design/Logic Flaw

The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecified vectors...

6.4CVSS7.2AI score0.02782EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2013/03/27 9:0 p.m.41 views

CVE-2013-1859

The vulnerability CVE-2013-1859 affects the Drupal contributed module Node Parameter Control (6.x-1.x). The module does not properly restrict access to its configuration options, enabling remote attackers to read and edit configuration via unspecified vectors. All 6.x-1.x versions are affected; D...

6.4CVSS6.8AI score0.02782EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2013/03/13 12:0 a.m.21 views

SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass

This module enables you to limit the visibility of the fields on the node edit form. The module doesn't sufficiently check access before allowing users to view and edit the configuration options allowing anonymous and authenticated users the ability to view and edit the configuration options. CVE...

6.4CVSS6.2AI score0.02782EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2012/11/19 12:0 a.m.75 views

CVE-2012-5519

CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface...

7.2CVSS7.2AI score0.02128EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2012/09/22 12:0 a.m.20 views

CentOS Update for python-qpid CESA-2012:1269 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS5.2AI score0.04236EPSS
Exploits0References2
Prion
Prion
added 2011/12/14 12:55 a.m.13 views

Privilege escalation

The Microsoft Office Input Method Editor IME for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the...

7.2CVSS6.9AI score0.01801EPSS
Exploits1References2Affected Software3
OpenVAS
OpenVAS
added 2011/12/14 12:0 a.m.25 views

Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)

This host is missing an important security update according to Microsoft Bulletin MS11-088. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5AI score0.01801EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2011/12/14 12:0 a.m.40 views

Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)

This host is missing an important security update according to Microsoft Bulletin MS11-088. OpenVAS Vulnerability Test $Id: secpodms11-088.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Office IME Chinese Privilege Elevation Vulnerability 2652016 Authors: Antu Sanadi Copyright: Copyright c 2011...

7.2CVSS1AI score0.01801EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/11/21 12:0 a.m.11 views

MDVA-2011:083 : bind

The default configuration and compiled in options for ISC BIND uses DNSSEC per default which under certain circumstances can result in huge latencies due to the overhead of trying to validate each lookup, and everytime. This has now been disabled in the configuration file...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.17 views

CentOS Update for openssh CESA-2009:1470 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS7.4AI score0.00318EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2011/06/18 7:17 a.m.7 views

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/03 11:46 a.m.7 views

Tor 0.2.2.25-alpha released - To Toggle, or not to Toggle & The End of Torbutton!

Tor 0.2.2.25-alpha released - To Toggle, or not to Toggle & The End of Torbutton! Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more robust, routers no longer overreport their bandwidth, Win7 should crash a little less, and NEWNYM as used by Vidalia's "new identity" buttonnow...

6.6AI score
Exploits0
Drupal
Drupal
added 2011/03/02 12:0 a.m.22 views

SA-CONTRIB-2011-012 - Spaces - Access bypass

The Spaces module makes sitewide configuration options available to be overridden by individual "spaces" on a Drupal site. Spaces provides a Views module access plugin that does not properly check its permission setting which may allow underprivileged users to visit certain pages. This...

7AI score
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.28 views

SuSE 11 Security Update : openslp (SAT Patch Number 3317)

The openslp daemon could run into an endless loop when receiving specially crafted packets. CVE-2010-3609 Additionally the following non-security bugs were fixed : - 564504: Fix handling of DA answers if both active and passive DA detection is off - 597215: Add configuration options to openSLP:...

5CVSS7.1AI score0.17223EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2010/08/10 12:0 a.m.20 views

MDVA-2010:184 : net-snmp

It was discovered that the snmpd daemon could segfault with certain configuration options. The updated packages addresses this problem. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Netwo...

7AI score
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2010/06/29 12:0 a.m.18 views

Widget properties exposed to third party domains

In some cases, widget properties could be exposed to third party domains, leading to the possibility of leak of widget information, or configuration options for the widget...

1.6AI score
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2009/07/09 12:0 a.m.27 views

xscreensaver 5.01 - Arbitrary File Disclosure Symlink

xscreensaver local arbitrary file disclosure | symlink attack The �xscreensaver� program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on by default Example: Opensolaris The xscreensaver...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/07/06 12:0 a.m.18 views

xscreensaver Symlink Attack

xscreensaver local arbitrary file disclosure | symlink attack The ´xscreensaver´ program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on by default Example: Opensolaris The xscreensaver program...

7.4AI score
Exploits0
Rows per page
Query Builder