Lucene search
K

6702 matches found

RedHat Linux
RedHat Linux
added 2014/04/17 11:30 a.m.5 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS6.8AI score0.04315EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:24 a.m.4 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS7.1AI score0.04315EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/04/16 11:23 a.m.2 views

OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...

5.8CVSS7.1AI score0.04315EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2014/04/09 10:57 a.m.21 views

CVE-2014-1723

The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers IRIs, which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left RTL Unicode text...

7.5CVSS7.2AI score0.01358EPSS
Exploits1References4
Prion
Prion
added 2014/04/09 10:57 a.m.21 views

Design/Logic Flaw

The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers IRIs, which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left RTL Unicode text...

7.5CVSS6.5AI score0.01358EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2014/04/09 10:0 a.m.64 views

CVE-2014-1723

CVE-2014-1723 corresponds to a vulnerability in Google Chrome prior to version 34.0.1847.116 where the UnescapeURLWithOffsetsImpl function in net/base/escape.cc failed to correctly handle bidirectional IRIs, enabling remote attackers to spoof URLs via crafted RTL Unicode text. Public fixes are re...

7.5CVSS6AI score0.01358EPSS
Exploits1References6Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/03/23 12:0 a.m.3 views

Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)

There exists a vulnerability in Squid Web Proxy Cache in the processing of DNS lookups. The flaw is caused by predictable transaction identifiers in DNS requests generated by Squid. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the targe...

6.4CVSS4.1AI score0.55127EPSS
Exploits2
NVD
NVD
added 2014/03/19 1:15 a.m.19 views

CVE-2014-2121

The Java-based software in Cisco Hosted Collaboration Solution HCS allows remote attackers to cause a denial of service closing of TCP ports via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643...

5CVSS6.7AI score0.02963EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2014/02/21 12:0 a.m.27 views

libXfont: Multiple vulnerabilities

Background libXfont is an X11 font rasterisation library. Description Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. Impact A local attacker could use a specially crafted file to gain privileges or cause a Denial of Servi...

9.3CVSS8.1AI score0.10254EPSS
Exploits1
Circl
Circl
added 2014/02/20 7:37 p.m.9 views

CVE-2014-0502

creationtimestamp| type| source ---|---|--- 2014-02-20 19:37:09+00:00| seen| MISP/530658f2-c4b0-4ef9-b374-22040aa69d0b 2014-02-24 07:34:19+00:00| seen| MISP/530af43c-a1f8-4160-990a-44ef950d2109 2014-02-25 07:01:38+00:00| seen| MISP/530c3f1c-7348-42d6-b567-db98950d2109 2014-05-17 11:51:26+00:00|...

10CVSS6AI score0.24204EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2014/02/12 12:0 a.m.31 views

GLSA-201402-16 : FreeType: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201402-16 FreeType: Multiple vulnerabilities Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could entice a user to...

4.3CVSS8.7AI score0.03857EPSS
Exploits0References4
OSV
OSV
added 2014/02/06 5:0 p.m.9 views

CVE-2013-6482

Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service NULL pointer dereference and crash via a crafted 1 SOAP response, 2 OIM XML response, or 3 Content-Length header...

6.3AI score
Exploits0References8
Gentoo Linux
Gentoo Linux
added 2014/02/06 12:0 a.m.55 views

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A...

10CVSS7.6AI score0.99883EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2014/01/20 12:0 a.m.34 views

GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201401-11 Perl, Locale Maketext Perl module: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for details. Impact :...

7.5CVSS8.3AI score0.04877EPSS
Exploits3References5
Gentoo Linux
Gentoo Linux
added 2014/01/16 12:0 a.m.63 views

NTP: Traffic amplification

Background NTP is a protocol designed to synchronize the clocks of computers over a network. The net-misc/ntp package contains the official reference implementation by the NTP Project. Description ntpd is susceptible to a reflected Denial of Service attack. Please review the CVE identifiers and...

5CVSS6.6AI score0.97549EPSS
Exploits23
OSV
OSV
added 2014/01/07 6:55 p.m.4 views

DEBIAN-CVE-2013-6419

Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by 1...

5CVSS6.4AI score0.01837EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/11/29 12:0 a.m.29 views

GLSA-201311-17 : Perl: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201311-17 Perl: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact : A local attacker could cause a Denial of Service condition or...

6.9CVSS5.9AI score0.08878EPSS
Exploits6References6
Gentoo Linux
Gentoo Linux
added 2013/11/28 12:0 a.m.18 views

rssh: Access restriction bypass

Background rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description Multiple command line parsing and validation vulnerabilities have been discovered in rssh. Please review the CVE...

4.4CVSS6.9AI score0.00388EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2013/11/25 12:0 a.m.51 views

Zabbix: Multiple vulnerabilities

Background Zabbix is software for monitoring applications, networks, and servers. Description Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to execute arbitrary SQL statements, cause a...

7.5CVSS10.2AI score0.04111EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2013/11/19 12:0 a.m.28 views

GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201311-10 GraphicsMagick: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to...

9.3CVSS7.5AI score0.07153EPSS
Exploits4References5
Rows per page
Query Builder