Lucene search
+L

4554 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.39 views

Mandriva Linux Security Advisory : jython (MDVSA-2015:158)

Updated jython packages fix security vulnerability : There are serveral problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure CVE-2013-2027. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

4.6CVSS9AI score0.00441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.24 views

Mandriva Linux Security Advisory : grub2 (MDVSA-2015:163)

Updated grub2 package fixes security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The grub2 package is...

8.8CVSS7.3AI score0.05315EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.35 views

Mandriva Linux Security Advisory : lcms2 (MDVSA-2015:107)

Updated lcms2 packages fix security vulnerability : Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D CVE-2014-0459. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...

4.3CVSS8.5AI score0.04097EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.29 views

Mandriva Linux Security Advisory : gtk+3.0 (MDVSA-2015:162)

Updated gtk+3.0 packages fix security vulnerability : Clemens Fries reported that, when using Cinnamon, it was possible to bypass the screensaver lock. An attacker with physical access to the machine could use this flaw to take over the locked desktop session CVE-2014-1949. This was fixed by...

7.2CVSS5.3AI score0.00331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.48 views

Mandriva Linux Security Advisory : libpng (MDVSA-2015:090)

Updated libpng package fixes security vulnerabilities : The pngpushreadchunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an IDAT chunk with a length of zero CVE-2014-0333...

10CVSS8.3AI score0.03889EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.30 views

Mandriva Linux Security Advisory : libgd (MDVSA-2015:153)

Updated libgd packages fix security vulnerabilities : The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file CVE-2014-2497. A buffer read...

5CVSS7.1AI score0.22319EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.31 views

Mandriva Linux Security Advisory : cabextract (MDVSA-2015:064)

Updated cabextract packages fix security vulnerabilities : Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...

5.3CVSS5.6AI score0.02817EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.25 views

Mandriva Linux Security Advisory : ipython (MDVSA-2015:160)

Updated ipython package fixes security vulnerability : In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted...

6.8CVSS5.8AI score0.04665EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.21 views

Mandriva Linux Security Advisory : apache-mod_security (MDVSA-2015:106)

Updated apache-modsecurity packages fix security vulnerability : Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing content that should...

5CVSS6.2AI score0.0267EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.26 views

Mandriva Linux Security Advisory : e2fsprogs (MDVSA-2015:068)

Updated e2fsprogs packages fix security vulnerability : The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to...

4.6CVSS8.6AI score0.00596EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.39 views

Mandriva Linux Security Advisory : glpi (MDVSA-2015:167)

Updated glpi package fixes security vulnerabilities : Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria CVE-2014-5032. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included...

7.5CVSS5.9AI score0.03167EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.29 views

Mandriva Linux Security Advisory : libtiff (MDVSA-2015:147-1)

Updated libtiff packages fix security vulnerabilities : The libtiff image decoder library contains several issues that could cause the decoder to crash when reading crafted TIFF images CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-9655, CVE-2015-1547. %NASLMINLEVEL 70300 C...

8.8CVSS7.2AI score0.05669EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.33 views

Mandriva Linux Security Advisory : cpio (MDVSA-2015:065)

Updated cpio package fixes security vulnerabilities : Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive CVE-2014-9112. Additionally, a NULL pointer dereference in the copyinlink...

5CVSS6.7AI score0.07093EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.25 views

Mandriva Linux Security Advisory : openldap (MDVSA-2015:074)

A vulnerability has been discovered and corrected in openldap : The derefparseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an empty attribute list in a deref control in...

5CVSS5.6AI score0.11091EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.21 views

Mandriva Linux Security Advisory : rsyslog (MDVSA-2015:130)

Updated rsyslog packages fix security vulnerability : Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial...

7.5CVSS5.4AI score0.07546EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.25 views

Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:116)

Updated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...

7.5CVSS6.7AI score0.068EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.31 views

Mandriva Linux Security Advisory : git (MDVSA-2015:169)

Updated git packages fix security vulnerability : It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a git pull. Because git permitted committing .Git/config or any case variation, on the pu...

9.8CVSS8.3AI score0.63178EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.24 views

Mandriva Linux Security Advisory : ppp (MDVSA-2015:135)

Updated ppp packages fix security vulnerability : A vulnerability in ppp before 2.4.7 may enable an unprivileged attacker to access privileged options CVE-2014-3158. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

7.5CVSS8.1AI score0.03502EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.37 views

Mandriva Linux Security Advisory : cifs-utils (MDVSA-2015:114)

Updated cifs-utils packages fix security vulnerability : Sebastian Krahmer discovered a stack-based buffer overflow flaw in cifscreds.c CVE-2014-2830. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux...

10CVSS7.7AI score0.05142EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.28 views

Mandriva Linux Security Advisory : libxfont (MDVSA-2015:145-1)

Updated libxfont packages fix security vulnerabilities : Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges CVE-2014-0209. Ilja...

8.5CVSS6.7AI score0.04923EPSS
Exploits0References8
Rows per page
Query Builder