Lucene search
+L

116 matches found

Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.63 views

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)

This update for java-180-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...

8.3CVSS6.9AI score0.0435EPSS
Exploits0References18
OPENSUSE Linux
OPENSUSE Linux
added 2020/11/27 12:0 a.m.53 views

Security update for java-1_8_0-openjdk (moderate)

openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2020:2083-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...

8.3CVSS7.1AI score0.0435EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/08/12 12:0 a.m.82 views

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2020:1191-1 Rating: important References: 1174157 Cross-References: CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 Affected Products:...

8.3CVSS8.2AI score0.05166EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/08/07 12:0 a.m.281 views

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

8.3CVSS6.6AI score0.05166EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2020/06/22 6:47 a.m.2 views

gnutls: session resumption works without master key allowing MITM

A flaw was found in GnuTLS, in versions starting from 3.6.4, where it does not session the ticket encryption key in a secure fashion by the application which is connecting. This flaw allows an attacker to craft a man-in-the-middle-attack, with the ability to bypass the TLS1.3 authentication and...

7.4CVSS7.1AI score0.17507EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.40 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1586)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.5AI score0.02252EPSS
Exploits1References2
OSV
OSV
added 2019/07/17 10:22 p.m.9 views

USN-4064-1 thunderbird vulnerabilities

A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. CVE-2019-9811 Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially...

9.8CVSS7AI score0.20271EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.35 views

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1304)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID...

8CVSS6.4AI score0.02252EPSS
Exploits3References10
OSV
OSV
added 2018/11/29 11:29 p.m.6 views

UBUNTU-CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

6.5CVSS7.2AI score0.01523EPSS
Exploits0References3
OSV
OSV
added 2018/09/01 3:29 a.m.4 views

CVE-2018-15161

The libesedbkeyappenddata function in libesedbkey.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments...

6.5CVSS6AI score0.01456EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2018/03/15 12:12 p.m.63 views

Security update for java-1_7_0-openjdk (important)

This update for java-170-openjdk fixes the following issues: Security issues fixed in OpenJDK 7u171 January 2018 CPUbsc1076366: - CVE-2018-2579: Improve key keying case - CVE-2018-2588: Improve LDAP logins - CVE-2018-2599: Improve reliability of DNS lookups - CVE-2018-2602: Improve usage messages...

5.8CVSS7.3AI score0.06905EPSS
Exploits0References1
OSV
OSV
added 2017/12/19 7:41 a.m.5 views

SUSE-SU-2017:3370-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: - CVE-2017-12880: fix symmetric/asymmetric confusion when handling PKCS1 public keys bsc1054106...

6.5AI score
Exploits0References3
OSV
OSV
added 2017/10/24 8:46 a.m.6 views

SUSE-SU-2017:2839-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in readkey in old legacy key handling before using values could be used for a remote buffer overflow bsc1060877...

9.8CVSS9.7AI score0.03629EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.42 views

FreeBSD : chromium -- multiple vulnerabilities (a692bffe-b6ad-11e7-a1c2-e8e0b747a45a)

Google Chrome Releases reports : 35 security fixes in this release, including : - 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 - 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 - 760455 High CVE-2017-5126: Use after free in...

8.8CVSS6.6AI score0.05245EPSS
Exploits6References22
FreeBSD
FreeBSD
added 2017/10/17 12:0 a.m.36 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 35 security fixes in this release, including: 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 760455 High CVE-2017-5126: Use after free in PDFium...

8.8CVSS8.3AI score0.05245EPSS
Exploits6References1
OSV
OSV
added 2017/10/12 12:29 a.m.3 views

DEBIAN-CVE-2017-12192

The keyctlreadkey function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service OOPS and system crash via a crafted...

5.5CVSS5.4AI score0.00449EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/10/11 12:0 a.m.40 views

CVE-2017-15274

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted addkey or keyctl system call, a different...

5.5CVSS6.5AI score0.00452EPSS
Exploits0References8
OSV
OSV
added 2017/07/06 9:37 a.m.5 views

SUSE-SU-2017:1794-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: - CVE-2017-7526: Hardening against a local side-channel attack in RSA key handling has been added bsc1046607...

6.8CVSS6.7AI score0.03885EPSS
Exploits0References3
OSV
OSV
added 2017/07/06 9:35 a.m.3 views

SUSE-SU-2017:1793-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: - CVE-2017-7526: Hardening a against local side-channel attack in RSA key handling has been added bsc1046607...

6.8CVSS6.7AI score0.03885EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/04/13 12:0 a.m.38 views

RedHat Update for kernel RHSA-2017:0933-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.01566EPSS
Exploits10References3
Rows per page
Query Builder