Lucene search

2241 matches found

ICS
added 2013/04/22 12:0 p.m., 56 views

Inductive Automation Ignition Information Disclosure Vulnerability

Overview ICS-CERT has received a report from Rubén Santamarta concerning a vulnerability in Inductive Automation’s Ignition software. Ignition is an updated version of FactoryPMI Plant Management Interface, offered by Inductive Automation. This vulnerability allows unauthorized users to download...

AI score 7.1
Exploits: 0, References: 18
Tenable Nessus
added 2013/04/04 12:0 a.m., 34 views

SuSE 11.2 Security Update : Xen (SAT Patch Number 7492)

XEN has been updated to fix various bugs and security issues : - XSA 36 To avoid an erratum in early hardware, the Xen AMD IOMMU code by default choose to use a single interrupt remapping table for the whole system. This sharing implied that any guest with a passed through PCI device that is bus...

CVSS 9.3, AI score 7.6, EPSS 0.04904
Exploits: 4, References: 30
OSV
added 2013/02/27 4:55 p.m., 3 views

DEBIAN-CVE-2013-2277

The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecifie...

CVSS 7.5, AI score 7.6, EPSS 0.01986
Exploits: 0, References: 1
Oracle linux
added 2013/02/27 12:0 a.m., 151 views

Unbreakable Enterprise kernel security and bug fix update

2.6.39-400.17.1 - This is a fix on dlm_clean_master_list (Xiaowei.Hu) - RDS: fix rds-ping spinlock recursion (jeff.liu) [Orabug: 16223050] - vhost: fix length for cross region descriptor (Michael S. Tsirkin) [Orabug: 16387183] {CVE-2013-0311} - kabifix: block/scsi: Allow request and error handling timeouts to b...

CVSS 6.6, AI score 7.8, EPSS 0.00988
Exploits: 8
Oracle linux
added 2013/02/06 12:0 a.m., 47 views

Unbreakable Enterprise kernel security update

2.6.32-300.39.4 - exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286741] {CVE-2012-4530} - exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286741] {CVE-2012-4530} 2.6.32-300.39.3 - Xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. (Frediano Ziglio) [Orabug:...

CVSS 4.9, AI score 3.2, EPSS 0.00882
Exploits: 1
Fedora
added 2013/02/03 1:50 p.m., 36 views

[SECURITY] Fedora 17 Update: leptonica-1.69-5.fc17

The library supports many operations that are useful on document images and natural images. Fundamental image processing and image analysis operations: Rasterop (aka bitblt); affine transforms (scaling, translation, rotation, shear) on images of arbitrary pixel depth; projective and bi-linear transforms; Bina...

CVSS 7.5, AI score 6.6, EPSS 0.01087
Exploits: 0
ICS
added 2012/12/25 7:0 a.m., 39 views

Ecava IntegraXor ActiveX Directory Traversal

Overview Independent researchers Billy Rios and Terry McCorkle have identified a Path Traversal vulnerability in the Ecava IntegraXor application. Ecava has produced an update that mitigates this vulnerability. The researchers have validated that the patch fixes this vulnerability. Affected...

CVSS 9.3, AI score 7, EPSS 0.06112
Exploits: 0, References: 10
0day.today
added 2012/11/17 12:0 a.m., 79 views

NFR Agent FSFUI Record File Upload Remote Command Execution

NFRAgent.exe, a component of Novell File Reporter (NFR), allows remote attackers to upload arbitrary files via a directory traversal while handling requests to /FSF/CMD with FSFUI records with UICMD 130. This Metasploit module has been tested successfully against NFR Agent 1.0.4.3 (File Reporter 1.0...

AI score 7.2, EPSS 0.71194
Exploits: 21
RedHat Linux
added 2012/09/18 10:46 p.m., 9 views

OpenJDK: AWT hardening fixes (AWT, 7163201)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 7.3, EPSS 0.12471
Exploits: 1, References: 4
ThreatPost
added 2012/09/06 7:41 p.m., 10 views

Two Microsoft Security Updates Await In Advance of Certificate Key Length Changes

Microsoft is promising a light load of security updates for next Tuesday’s monthly patch release in an attempt to give Windows administrators and security teams time to prepare for an October change to certificate key length requirements. Angela Gunn of Microsoft’s Security Response Team announce...

AI score 7.5
Exploits: 0, References: 1
RedHat Linux
added 2012/09/04 7:4 a.m., 8 views

OpenJDK: AWT hardening fixes (AWT, 7163201)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 7.3, EPSS 0.12471
Exploits: 1, References: 4
RedHat Linux
added 2012/09/03 12:57 p.m., 4 views

OpenJDK: AWT hardening fixes (AWT, 7163201)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 7.3, EPSS 0.12471
Exploits: 1, References: 4
RedHat Linux
added 2012/09/03 12:50 p.m., 3 views

OpenJDK: AWT hardening fixes (AWT, 7163201)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 7.3, EPSS 0.12471
Exploits: 1, References: 4
OpenVAS
added 2012/09/03 12:0 a.m., 43 views

Oracle Java SE JRE AWT Component Unspecified Vulnerability - Windows

Oracle Java SE JRE is prone to an unspecified vulnerability. Copyright (C) 2012 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

AI score 9.5
Exploits: 0, References: 4
Prion
added 2012/08/30 11:55 p.m., 30 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 8.4, EPSS 0.98536
Exploits: 10, References: 19, Affected Software: 2
Cvelist
added 2012/08/30 11:0 p.m., 30 views

CVE-2012-0547

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...

AI score 9, EPSS 0.12471
Exploits: 1, References: 19
CVE
added 2012/08/30 11:0 p.m., 357 views

CVE-2012-0547

CVE-2012-0547 is a Java SE/JRE issue affecting Oracle JRE 7u6 and earlier and 6u34 and earlier. The vulnerability is described as a security-in-depth, AWT-related issue that is not directly exploitable on its own, but can aggravate vulnerabilities that are exploitable when combined with others. A...

AI score 8.8, EPSS 0.12471
Exploits: 1, References: 19, Affected Software: 2
Tenable Nessus
added 2012/08/01 12:0 a.m., 67 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the...

CVSS 9.8, AI score 8.6, EPSS 0.96319
Exploits: 33, References: 20
Tenable Nessus
added 2012/08/01 12:0 a.m., 25 views

Scientific Linux Security Update : xorg-x11 on SL4.x i386/x86_64

A flaw was found in the way X.Org's composite extension handles 32 bit color depth windows while running in 16 bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execu...

CVSS 4.3, AI score 5.9, EPSS 0.00511
Exploits: 0, References: 2
Tenable Nessus
added 2012/08/01 12:0 a.m., 39 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64

A flaw was found in the Swing library. Forged TimerEvents could be used to bypass SecurityManager checks, allowing access to otherwise blocked files and directories. (CVE-2010-4465) A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management...

CVSS 10, AI score 7.9, EPSS 0.04132
Exploits: 1, References: 8