Lucene search
+L

7679 matches found

openvas
openvas
added 2015/02/11 12:0 a.m.37 views

RedHat Update for kernel RHSA-2015:0164-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.9AI score0.01176EPSS
Exploits2References2
redhat
redhat
added 2015/02/10 9:51 p.m.59 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.2CVSS6.4AI score0.01176EPSS
Exploits2References2
exploitpack
exploitpack
added 2015/01/07 12:59 p.m.16 views

MUSE-4.9.0.006-(.m3u)

Exploit Title: MUSE v4.9.0.006 .m3u Local Buffer Overflow Exploit Date: August 17, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom buffersize = 205 nopsled = "\x90" 4 Custom MessageBox x86/shikataganai succeeded with size 104 iteration=1 shellcode =...

0.2AI score
Exploits0
ubuntucve
ubuntucve
added 2014/12/31 12:0 a.m.29 views

CVE-2014-9826

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files...

9.8CVSS7.3AI score0.03708EPSS
Exploits0References2
osv
osv
added 2014/12/31 12:0 a.m.6 views

UBUNTU-CVE-2014-9826

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files...

9.8CVSS7.4AI score0.03708EPSS
Exploits0References3
prion
prion
added 2014/12/29 8:59 p.m.24 views

Design/Logic Flaw

The error-handling feature in 1 bp.php, 2 videowhisperstreaming.php, and 3 ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error messag...

5CVSS6.6AI score0.07195EPSS
Exploits6References1Affected Software1
opensuse
opensuse
added 2014/12/22 12:4 p.m.37 views

Security update for ntp (critical)

The network timeservice ntp was updated to fix critical security issues bnc910764, CERT VU852879 A potential remote code execution problem was found inside ntpd. The functions cryptorecv when using autokey authentication, ctlputdata, and configure where updated to avoid buffer overflows that coul...

7.5CVSS1.9AI score0.78717EPSS
Exploits2References1
redhat
redhat
added 2014/12/20 2:40 a.m.4 views

ntp: receive() missing return on error

A missing return statement in the receive function could potentially allow a remote attacker to bypass NTP's authentication mechanism...

5CVSS6.7AI score0.16161EPSS
Exploits1References6
opensuse
opensuse
added 2014/12/20 12:4 a.m.53 views

Security update for ntp (critical)

The network timeservice ntp was updated to fix critical security issues bnc910764, CERT VU852879 A potential remote code execution problem was found inside ntpd. The functions cryptorecv when using autokey authentication, ctlputdata, and configure where updated to avoid buffer overflows that coul...

7.5CVSS1.9AI score0.78717EPSS
Exploits2References1
nessus
nessus
added 2014/12/15 12:0 a.m.42 views

OracleVM 3.3 : rpm (OVMSA-2014-0083)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix race condidition where unchecked data is exposed in the file system CVE-2013-64351163059 - Fix thinko in the non-root python byte-compilation fix - Byte-compile versioned python libdirs in non-roo...

7.6CVSS7.2AI score0.07669EPSS
Exploits0References2
nessus
nessus
added 2014/11/26 12:0 a.m.27 views

OracleVM 3.1 : xen (OVMSA-2013-0087)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/HVM: only allow ring 0 guest code to make hypercalls Anything else would allow for privilege escalation. This is CVE-2013-4554 / XSA-76. CVE-2013-4554 - x86: restrict XENDOMCTLgetmemlist Coverity ...

5.2CVSS7.6AI score0.0067EPSS
Exploits0References4
nessus
nessus
added 2014/11/26 12:0 a.m.36 views

OracleVM 3.0 : xen (OVMSA-2012-0056)

The remote OracleVM system is missing necessary patches to address critical security updates : - xen: fix error handling of guestphysmapmarkpopulateondemand The only user of the 'out' label bypasses a necessary unlock, thus enabling the caller to lock up Xen. Also, the function was never meant to...

6.9CVSS7.6AI score0.00435EPSS
Exploits4References6
nessus
nessus
added 2014/11/26 12:0 a.m.39 views

OracleVM 2.2 : xen (OVMSA-2012-0058)

The remote OracleVM system is missing necessary patches to address critical security updates : XSA-27: hvm: Limit the size of large HVM op batches orabug 15907978 CVE-2012-5511 XSA-29: add missing guest address range checks to XENMEMexchange handlers orabug 15907996 CVE-2012-5513 XSA-30: xen: fix...

6.9CVSS7.8AI score0.00435EPSS
Exploits4References5
openvas
openvas
added 2014/10/15 12:0 a.m.26 views

Microsoft Windows Message Queuing Service Privilege Escalation Vulnerability (2993254)

This host is missing an important security update according to Microsoft Bulletin MS14-062. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS4.9AI score0.23046EPSS
Exploits21References2
nessus
nessus
added 2014/10/10 12:0 a.m.68 views

F5 Networks BIG-IP : OpenSSH vulnerability (K14609)

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

3.7CVSS6.9AI score0.15395EPSS
Exploits1References2
exploitdb
exploitdb
added 2014/10/08 12:0 a.m.733 views

OpenSSH < 6.6 SFTP (x64) - Command Execution

define GNUSOURCE // THIS PROGRAM IS NOT DESIGNED TO BE SAFE AGAINST VICTIM MACHINES THAT // TRY TO ATTACK BACK, THE CODE IS SLOPPY! // In other words, please don't use this against other people's machines. include include include include include include include include include define mina,b ab?a:...

7.4AI score
Exploits0
checkpoint_advisories
checkpoint_advisories
added 2014/09/15 12:0 a.m.34 views

Apache HTTP Server error handling malformed HTTP headers Denial of Service (CVE-2014-0117)

A denial of service vulnerability has been reported in Apache HTTP server. The vulnerability is due to an error handling malformed HTTP headers. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the target server...

4.3CVSS2.6AI score0.35543EPSS
Exploits2
seebug
seebug
added 2014/09/15 12:0 a.m.67 views

php云人才系统 小漏洞一步步getshell(后台)

简要描述: php云人才系统 小漏洞一步步getshell,这里包含了php与mysql交互时候的特性(也算一个漏洞),还有phpyun自身图片的验证机制问题,等等,步骤比较艰辛,本来想在这里搞一个csrf呢,找了半天没有找到,到时找到一大堆xss,这里就不利用xss了,且看分析 详细说明: 首先我们做一个小测试: 对于mysql存储来说,建站者都会给每一个字段设置长度,然后当我们插入进去的数据长度超过了设置的长度,那么mysql是不会报错,然而会自然截断存储,这个就给我们编写程序的人留下了隐患。 利用场景分析...

7.1AI score
Exploits0
veeam
veeam
added 2014/08/07 12:0 a.m.21 views

Storage vMotion of Instant Recovery fails with “The method is disabled by ‘’”

Challenge When attempting to migrate an Instant Recovery VM to a production datastore using VMware Storage vMotion, the following error occurs: The method is disabled by 'vm-' Call 'VirtualMachine.Relocate' for object 'vmname' on vCenter Server 'vCenterName' failed. Solution To correct this issue...

6.9AI score
Exploits0
nessus
nessus
added 2014/07/14 12:0 a.m.74 views

Apache mod_wsgi < 3.5 Apache Process Privilege Escalation

According to the web server banner, the version of modwsgi running on the remote host is prior to version 3.5. It is, therefore, affected by a privilege escalation vulnerability. The issue occurs due to the improper handling of error codes returned by 'setuid'. This flaw allows local attackers to...

6.2CVSS6.6AI score0.00411EPSS
Exploits0References2
Rows per page
Query Builder