Lucene search

8606 matches found

RedHat Linux
added 2013/05/20 4:44 p.m., 2 views

kernel: crypto: info leaks in report API

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability...

CVSS: 2.1, AI score: 5.8, EPSS: 0.00386
Exploits: 0, References: 4
RedHat Linux
added 2013/04/23 6:18 p.m., 4 views

Kernel: xfrm_user: info leak in copy_to_user_auth

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability...

CVSS: 1.9, AI score: 7.2, EPSS: 0.00345
Exploits: 0, References: 4
ICS
added 2013/04/10 6:0 a.m., 40 views

QNX Multiple Vulnerabilities

OVERVIEW: Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...

CVSS: 7.8, AI score: 7.9, EPSS: 0.08221
Exploits: 2, References: 10
UbuntuCve
added 2013/03/28 12:18 p.m., 13 views

CVE-2013-0926

Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...

CVSS: 6.8, AI score: 5.9, EPSS: 0.0111
Exploits: 0, References: 6
Prion
added 2013/03/28 12:18 p.m., 28 views

Code injection

Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...

CVSS: 6.8, AI score: 6.8, EPSS: 0.0111
Exploits: 0, References: 11, Affected Software: 1
Cvelist
added 2013/03/28 10:0 a.m., 21 views

CVE-2013-0926

Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...

AI score: 6, EPSS: 0.0111
Exploits: 0, References: 11
CVE
added 2013/03/28 10:0 a.m., 65 views

CVE-2013-0926

CVE-2013-0926 affects Google Chrome prior to 26.0.1410.43. The issue arises when copying and pasting active content in an EMBED element, enabling a user‑assisted remote attacker to trigger an unspecified impact on a crafted site. The provided documents do not specify a confirmed impact or a patch...

CVSS: 6.8, AI score: 6.1, EPSS: 0.0111
Exploits: 0, References: 11, Affected Software: 1
Veeam
added 2013/03/27 12:0 a.m., 18 views

Deduplication Appliance Best Practices

To learn about the Performance Impacts of Deduplicated Storage Systems, visit KB2660. Purpose: This article provides links to vendor-provided best practices documents and vendor-specific configuration advice found in the Veeam Backup & Replication User Guide. It also offers general recommendations...

AI score: 6.5
Exploits: 0, Affected Software: 1
myhack58
added 2013/03/19 12:0 a.m., 19 views

Bo library network: password reset vulnerability affecting any user, no brute force needed (vulnerability warning, the black bar safety net)

Brief description: Bo library network, the Chinese online bookstore with the most varieties, has a password reset vulnerability affecting any user, and a non-mainstream one. No Burp Suite, no brute force; a gentle change is enough to reset any user's password. For the details, please see the...

AI score: 7.4
Exploits: 0
OSV
added 2013/03/15 8:55 p.m., 1 views

DEBIAN-CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability...

CVSS: 2.1, AI score: 5.6, EPSS: 0.00386
Exploits: 0, References: 1
OSV
added 2013/03/15 8:55 p.m., 3 views

DEBIAN-CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the...

CVSS: 2.1, AI score: 5.9, EPSS: 0.00385
Exploits: 0, References: 1
OSV
added 2013/03/15 12:0 a.m., 1 views

UBUNTU-CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability...

CVSS: 2.1, AI score: 5.8, EPSS: 0.00386
Exploits: 0, References: 8
Metasploit
added 2013/03/14 12:40 p.m., 17 views

PsExec NTDS.dit And SYSTEM Hive Download Utility

This module authenticates to an Active Directory Domain Controller and creates a volume shadow copy of the %SYSTEMDRIVE%. It then pulls down copies of the ntds.dit file as well as the SYSTEM hive and stores them. The ntds.dit and SYSTEM hive copy can be used in combination with other tools for...

AI score: 7.4
Exploits: 0
OpenVAS
added 2013/03/12 12:0 a.m., 43 views

CentOS Update for openssh CESA-2013:0519 centos6

Check for the Version of openssh. OpenVAS Vulnerability Test: CentOS Update for openssh CESA-2013:0519 centos6. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under...

CVSS: 6.2, EPSS: 0.00437
Exploits: 1, References: 2
Tenable Nessus
added 2013/03/10 12:0 a.m., 31 views

CentOS 6 : openssh (CESA-2013:0519)

Updated openssh packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,...

CVSS: 6.2, AI score: 6.2, EPSS: 0.00437
Exploits: 1, References: 3
OSV
added 2013/03/07 12:0 a.m., 4 views

UBUNTU-CVE-2012-6538

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability...

CVSS: 1.9, AI score: 7.2, EPSS: 0.00345
Exploits: 0, References: 11
Tenable Nessus
added 2013/03/01 12:0 a.m., 32 views

Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20130221)

Due to the way the pam_ssh_agent_auth PAM module was built in Scientific Linux 6, the glibc's error() function was called rather than the intended error() function in pam_ssh_agent_auth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an...

CVSS: 6.2, AI score: 6.2, EPSS: 0.00437
Exploits: 1, References: 2
Cent OS
added 2013/02/27 7:37 p.m., 68 views

openssh, pam_ssh_agent_auth security update

CentOS Errata and Security Advisory CESA-2013:0519 Updated openssh packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A...

CVSS: 6.2, AI score: 6.1, EPSS: 0.00437
Exploits: 1, References: 7
Oracle linux
added 2013/02/27 12:0 a.m., 54 views

openchange security, bug fix and enhancement update

evolution-mapi
0.28.3-12 - Add patch for RH bug 903241 Double-free on message copy/move
0.28.3-11 - Add patch for RH bug 902932 Cannot connect with latest samba
0.28.3-10 - Drop multilib by obsoleting evolution-mapi 0.28.3-9 RH bug 886914.
0.28.3-9 - Adapt to OpenChange 1.0 RH bug 767678.
0.28.3-...

CVSS: 10, AI score: 0.3, EPSS: 0.74034
Exploits: 9
NVD
added 2013/02/23 9:55 p.m., 15 views

CVE-2013-0895

Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors...

CVSS: 7.5, AI score: 7.1, EPSS: 0.0138
Exploits: 0, References: 3