Lucene search
K

4773 matches found

Ubuntu
Ubuntu
added 2016/03/02 1:37 p.m.78 views

USN-2916-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-7422 Markus Vervier discovered that Perl incorrectly...

7.5CVSS7AI score0.09007EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2016/03/01 12:0 a.m.27 views

CVE-2016-2381

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp...

7.5CVSS6.9AI score0.09007EPSS
Exploits0References2
OSV
OSV
added 2016/03/01 12:0 a.m.4 views

UBUNTU-CVE-2016-2381

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp...

7.5CVSS7.1AI score0.09007EPSS
Exploits0References3
Kitploit
Kitploit
added 2016/02/12 8:23 p.m.14 views

htop 2.0 - An Interactive Process Viewer for Unix

htop is an interactive system-monitor process-viewer. It is designed as an alternative to the Unix program top. It shows a frequently updated list of the processes running on a computer, normally ordered by the amount of CPU usage. Unlike top, htop provides a full list of processes running, inste...

7.1AI score
Exploits0References1
Debian
Debian
added 2016/01/23 10:33 p.m.16 views

[SECURITY] [DLA 399-1] foomatic-filters security update

Package : foomatic-filters Version : 4.0.5-6+squeeze2+deb6u13 CVE ID : not yet assigned cups-filters contains multiple buffer overflows caused by lack of size checks when copying from environment variables to local buffers strcpy as well on string concatenation operations strcat...

7.3AI score
Exploits0
OSV
OSV
added 2016/01/23 12:0 a.m.8 views

DLA-399-1 foomatic-filters - security update

Bulletin has no description...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2016/01/03 10:44 p.m.16 views

Phpsploit - Stealth Post-Exploitation Framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes. Overview The obfuscated...

8.2AI score
Exploits0References1
NVD
NVD
added 2015/12/31 5:59 a.m.17 views

CVE-2014-4876

Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138...

4.3CVSS4.1AI score0.01658EPSS
Exploits0References2
CVE
CVE
added 2015/12/31 2:0 a.m.43 views

CVE-2014-4876

CVE-2014-4876 affects Toshiba 4690 OS (version 6 Release 3) where the ADXSITCF logical name is not properly restricted. A remote, unauthenticated client can read system environment variables by sending a crafted request to TCP port 54138, enabling information disclosure. The vulnerability is desc...

4.3CVSS4.2AI score0.01658EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.20 views

Scientific Linux Security Update : autofs on SL7.x x86_64 (20151119)

It was found that program-based automounter maps that used interpreted languages such as Python used standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note: This...

4.4CVSS5.4AI score0.00335EPSS
Exploits0References2
Amazon
Amazon
added 2015/12/14 12:0 a.m.42 views

Medium: autofs

Issue Overview: It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system...

4.4CVSS6.7AI score0.00335EPSS
Exploits0
CNVD
CNVD
added 2015/12/02 12:0 a.m.4 views

Cisco Cloud Services Router 1000V Command Injection Vulnerability

Cisco IOS on Cloud Services Router CSR 1000V is a Cisco operating system that runs on the Cisco 1000V family of cloud services routers. A security vulnerability exists in the publish-event event-manager feature of Cisco IOS Release 15.52S and Release 15.53S on Cisco CSR 1000V devices. A local...

7.2CVSS7.3AI score0.00436EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/12/02 12:0 a.m.24 views

CentOS 7 : autofs (CESA-2015:2417)

Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

4.4CVSS5.5AI score0.00335EPSS
Exploits0References2
Cent OS
Cent OS
added 2015/11/30 7:23 p.m.66 views

autofs security update

CentOS Errata and Security Advisory CESA-2015:2417 Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability...

4.4CVSS5.8AI score0.00335EPSS
Exploits0References7
Hacker One
Hacker One
added 2015/11/22 4:11 a.m.22 views

Imgur: Imgur dev environments facing the Internet

A security group configuration error allowed Imgur development environments to face the public internet. Typically these environments were protected behind a special endpoint which would open access to authenticated Imgur employees for a short time window. Since the development environments were...

1.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/11/19 6:23 a.m.5 views

autofs: priv escalation via interpreter load path for program based automount maps

It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system...

4.4CVSS5.8AI score0.00335EPSS
Exploits0References4
OSV
OSV
added 2015/11/02 12:0 a.m.11 views

DSA-3355-2 libvdpau - regression update

Bulletin has no description...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2015/10/30 10:8 a.m.18 views

CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...

4.6CVSS7.2AI score0.00624EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.38 views

SUSE: Security Advisory for bash (SUSE-SU-2014:1212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.99999EPSS
Exploits130References3
Saint
Saint
added 2015/10/15 12:0 a.m.39 views

Mac OS X rsh Environment Variables Privilege Elevation

Added: 10/15/2015 CVE: CVE-2015-5889 Background The remotecmds component of Apple Mac OS X contains an rsh binary program that allows a user to execute commands on another computer across a computer network. Problem The rsh binary in the remotecmds component of Mac OS X versions prior to 10.11...

7.2CVSS6.6AI score0.05088EPSS
Exploits14
Rows per page
Query Builder