Lucene search
K

4773 matches found

Tenable Nessus
Tenable Nessus
added 2016/10/26 12:0 a.m.16 views

Debian DLA-677-1 : nss security update

The Network Security Service NSS libraries uses environment variables to configure lots of things, some of which refer to file system locations. Others can be degrade the operation of NSS in various ways, forcing compatibility modes and so on. Previously, these environment variables were not...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/10/26 12:0 a.m.9 views

Debian DLA-676-1 : nspr security update

The Network Security Service NSS libraries uses environment variables to configure lots of things, some of which refer to file system locations. Others can be degrade the operation of NSS in various ways, forcing compatibility modes and so on. Previously, these environment variables were not...

5.5AI score
Exploits0References2
Debian
Debian
added 2016/10/25 8:1 p.m.23 views

[SECURITY] [DLA 677-1] nss security update

Package : nss Version : 3.26-1+debu7u1 The Network Security Service NSS libraries uses environment variables to configure lots of things, some of which refer to file system locations. Others can be degrade the operation of NSS in various ways, forcing compatibility modes and so on. Previously,...

7AI score
Exploits0
OSV
OSV
added 2016/10/25 12:0 a.m.6 views

DLA-677-1 nss - security update

Bulletin has no description...

7.2AI score
Exploits0
OSV
OSV
added 2016/10/25 12:0 a.m.11 views

DLA-676-1 nspr - security update

Bulletin has no description...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/10/06 12:0 a.m.23 views

Debian DSA-3687-1 : nspr - security update

Two vulnerabilities were reported in NSPR, a library to abstract over operating system interfaces developed by the Mozilla project. - CVE-2016-1951 q1 reported that the NSPR implementation of sprintf-style string formatting function miscomputed memory allocation sizes, potentially leading to...

8.6CVSS8.1AI score0.02716EPSS
Exploits0References5
OSV
OSV
added 2016/10/05 12:0 a.m.26 views

DSA-3687-1 nspr - security update

Bulletin has no description...

8.6CVSS8.4AI score0.02716EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/10/05 12:0 a.m.53 views

Debian Security Advisory DSA 3688-1 (nss - security update)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...

9.3CVSS0.6AI score0.9986EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/10/03 6:43 a.m.4 views

Cybozu Office vulnerable to information disclosure

Overview Cybozu Office contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in...

6.5CVSS6.3AI score0.02023EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/10/03 12:0 a.m.33 views

JVN#09736331: Cybozu Office vulnerable to information disclosure

Cybozu Office contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in the page...

6.5CVSS6.3AI score0.02023EPSS
Exploits0
CNVD
CNVD
added 2016/09/28 12:0 a.m.5 views

Apple OS X Perl Security Bypass Vulnerability

Apple OS X is a special operating system developed by Apple for Mac computers. Perl is a free and powerful cross-platform programming language developed by American programmer Larry Wall. A security bypass vulnerability exists in Perl in Apple OS X versions prior to 10.12, which can be exploited ...

5.3CVSS6.4AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/09/27 9:47 a.m.19 views

CVE-2016-7543

An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances...

8.4CVSS4AI score0.00576EPSS
Exploits0References1
NVD
NVD
added 2016/09/18 10:59 p.m.20 views

CVE-2016-4749

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file...

3.3CVSS3AI score0.00319EPSS
Exploits0References5
OSV
OSV
added 2016/09/18 10:59 p.m.3 views

CVE-2016-4749

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file...

3.3CVSS7.3AI score0.00319EPSS
Exploits0References5
Prion
Prion
added 2016/09/18 10:59 p.m.13 views

Design/Logic Flaw

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file...

2.1CVSS5.8AI score0.00319EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2016/09/18 10:0 p.m.24 views

CVE-2016-4749

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file...

2.9AI score0.00319EPSS
Exploits0References5
Cloud Foundry
Cloud Foundry
added 2016/09/09 12:0 a.m.58 views

CVE-2016-6639: PHP Buildpack exposes .profile file | Cloud Foundry

CVE-2016-6639: PHP Buildpack exposes .profile file Medium Vendor Cloud Foundry Foundation Versions Affected PHP Buildpack versions prior to v4.3.18 Cf-release versions prior to v242 Description The .profile file, which can potentially include environment variables and credentials, is exposed by...

7.5CVSS7.7AI score0.01704EPSS
Exploits0
Hacker One
Hacker One
added 2016/09/05 5:28 p.m.26 views

Boozt Fashion AB: PHP info page disclosure on http://www.day.dk/

Hi, Boozt team. Description: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step to reproduce: 1. Go to http://www.day.dk/check.php An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version...

7AI score
Exploits0
Veeam
Veeam
added 2016/09/05 12:0 a.m.23 views

Windows FLR fails with "Failed to create or open file [C:\Windows\system32\config\systemprofile\"

Challenge When attempting to perform a Guest OS File Level Restore from a Windows Filesystem the mount Backup Browser displays the error: The system cannot find the path specified. Failed to create or open file C:\Windows\system32\config\systemprofile...\veeamflr-.flat. Agent failed to process...

6.9AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2016/08/24 7:41 p.m.3 views

jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)

Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables...

6.5CVSS5.9AI score0.02142EPSS
Exploits0References5
Rows per page
Query Builder