Lucene search
K

3044 matches found

Tenable Nessus
Tenable Nessus
added 2016/01/19 12:0 a.m.29 views

Amazon Linux AMI : ruby19 / ruby20,ruby21,ruby22 (ALAS-2016-632)

DL::dlopen could open a library with tainted library name even if $SAFE 0. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2016-632. include"compat.inc"; if description scriptid87966;...

8.4CVSS8AI score0.005EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/01/14 6:34 p.m.33 views

Critical: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.1.2 Hotfix 11 update

An update for Red Hat JBoss Operations Network 3.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS6.7AI score0.83274EPSS
Exploits8References3
OSV
OSV
added 2015/12/31 12:0 a.m.3 views

UBUNTU-CVE-2015-9542

addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy. An attacker could send a crafted password to an application loading the pamradius library and crash it. Arbitrary code...

7.5CVSS6.6AI score0.03449EPSS
Exploits0References4
OSV
OSV
added 2015/12/31 12:0 a.m.2 views

UBUNTU-CVE-2015-8683

The putcontig8bitCIELab function in tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via a packed TIFF image...

5.5CVSS6.8AI score0.02857EPSS
Exploits0References4
CNVD
CNVD
added 2015/12/18 12:0 a.m.5 views

libxml2 Denial of Service Vulnerability (CNVD-2015-08400)

libxml2 is an XML parser and markup toolset. A denial of service vulnerability exists in versions of libxml2 prior to 2.9.3. An attacker is able to cause a denial of service via unspecified vectors regarding incorrect entity boundaries and start tags...

5CVSS7.9AI score0.05917EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/12/14 12:0 a.m.4 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure

The vulnerability of the inittile function in the libavcodec/jpeg2000dec.c file of the FFmpeg multimedia library exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failure using specially crafted JPEG 2000 data...

7.5CVSS7.4AI score0.02001EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2015/12/09 2:12 p.m.7 views

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

7.5CVSS7.8AI score0.06054EPSS
Exploits0References4
OSV
OSV
added 2015/11/13 3:59 a.m.5 views

AZL-45078 CVE-2015-8126 affecting package fltk for versions less than 1.3.8-1

Multiple buffer overflows in the 1 pngsetPLTE and 2 pnggetPLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service application crash or possibly have...

7.5CVSS7.2AI score0.10339EPSS
Exploits0References1
OSV
OSV
added 2015/11/04 8:54 p.m.1 views

USN-2790-1 nspr vulnerability

Ryan Sleevi discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.06792EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/10/22 6:44 p.m.9 views

OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

6.4CVSS7.2AI score0.03926EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/10/22 6:34 p.m.14 views

OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

6.4CVSS7.2AI score0.03926EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/10/21 8:57 p.m.5 views

OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

10CVSS7.2AI score0.09991EPSS
Exploits0References5
OSV
OSV
added 2015/10/21 12:0 a.m.4 views

UBUNTU-CVE-2015-4806

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

6.4CVSS6.7AI score0.03926EPSS
Exploits0References4
OSV
OSV
added 2015/09/30 12:0 a.m.3 views

UBUNTU-CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

4.3CVSS6.6AI score0.19312EPSS
Exploits0References4
OSV
OSV
added 2015/08/28 9:59 p.m.9 views

UBUNTU-CVE-2014-9651

Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument to the "substring-index-ci procedures."...

7.5CVSS7.2AI score0.0147EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/08/28 12:0 a.m.7 views

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code or cause system failures

The vulnerability of the TRE library in Libc-based iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures remotely...

7.5CVSS8.3AI score0.12416EPSS
Exploits1References5Affected Software2
ArchLinux
ArchLinux
added 2015/08/12 12:0 a.m.45 views

firefox: multiple issues

CVE-2015-4473 Memory safety bugs fixed in Firefox ESR 38.2 and Firefox 40: Gary Kwong, Christian Holler, and Byron Campen reported memory safety problems and crashes that affect Firefox ESR 38.1 and Firefox 39. - CVE-2015-4474 Memory safety bugs fixed in Firefox 40: Tyson Smith, Bobby Holley,...

10CVSS10AI score0.09027EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2015/08/04 5:13 p.m.10 views

OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732...

10CVSS6.7AI score0.25469EPSS
Exploits0References6
OSV
OSV
added 2015/05/05 12:0 a.m.5 views

UBUNTU-CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

7.5CVSS6.8AI score0.0391EPSS
Exploits0References4
OSV
OSV
added 2015/05/01 12:0 a.m.6 views

UBUNTU-CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

5CVSS7.3AI score0.04013EPSS
Exploits0References4
Rows per page
Query Builder