Lucene search
K

516 matches found

OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.40 views

RedHat Update for kernel RHSA-2008:0508-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2008:0508-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

7.5CVSS0.5AI score0.02791EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.35 views

CentOS Update for kernel CESA-2008:0508 centos4 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2008:0508 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.5CVSS0.7AI score0.02791EPSS
Exploits4References2
securityvulns
securityvulns
added 2008/10/09 12:0 a.m.51 views

ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability

ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-064 October 8, 2008 -- CVE ID: CVE-2008-4479 -- Affected Vendors: Novell -- Affected Products: Novell eDirectory -- TippingPointTM IPS Customer Protection:...

10CVSS0.7AI score0.10331EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2008/10/08 12:0 a.m.80 views

Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw resides in the web console running on TCP ports 8028 and 8030. The server exposes a web interface and...

10CVSS4.6AI score0.09821EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2008/08/26 7:56 p.m.5 views

kernel: [x86_64] The string instruction version didn't zero the output on exception.

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS5.8AI score0.0057EPSS
Exploits1References4
Zero Day Initiative
Zero Day Initiative
added 2008/08/12 12:0 a.m.24 views

Microsoft Excel COUNTRY Record Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...

9.3CVSS4.8AI score0.35649EPSS
Exploits1References1
NVD
NVD
added 2008/06/30 10:41 p.m.14 views

CVE-2008-2729

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS7.1AI score0.0057EPSS
Exploits1References17
UbuntuCve
UbuntuCve
added 2008/06/30 10:41 p.m.24 views

CVE-2008-2729

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS5.9AI score0.0057EPSS
Exploits1References2
seebug.org
seebug.org
added 2008/06/29 12:0 a.m.45 views

Linux内核内存拷贝异常本地信息泄漏漏洞

BUGTRAQ ID: 29943 CVE ID:CVE-2008-2729 CNCVE ID:CNCVE-20082729 Linux是一款开放源代码的操作系统。 部分AMD64系统上的Linux内核内存拷贝函数存在缺陷,本地攻击者可以利用漏洞获得敏感信息。 在部分AMC64系统上,如果从源地址拷贝内核内存到目的内存地址不成功,拷贝函数在目的内存位置区域没有对内容进行清零操作,这可导致非特权用户获得敏感信息。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop...

4.9CVSS7.4AI score0.0057EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2008/06/25 3:43 p.m.7 views

kernel: [x86_64] The string instruction version didn't zero the output on exception.

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS5.8AI score0.0057EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/06/25 3:43 p.m.86 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating...

7.2CVSS6.9AI score0.0057EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2008/06/25 3:13 p.m.2 views

Kernel doesn't clear DF for signal handlers

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

7.5CVSS5.7AI score0.02791EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/06/25 3:13 p.m.6 views

kernel: [x86_64] The string instruction version didn't zero the output on exception.

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS5.8AI score0.0057EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/05/07 6:56 a.m.2 views

Kernel doesn't clear DF for signal handlers

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

7.5CVSS5.7AI score0.02791EPSS
Exploits1References4
Prion
Prion
added 2008/04/04 5:44 p.m.16 views

Heap overflow

Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted PICT image file, related to an improperly terminated memory copy loop...

6.8CVSS8.2AI score0.06947EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2007/07/18 5:30 p.m.2 views

DEBIAN-CVE-2007-3764

The Skinny channel driver chanskinny in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a certain data length value...

5CVSS6.3AI score0.3152EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2007/05/28 12:0 a.m.27 views

Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow

source: https://www.securityfocus.com/bid/24192/info Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the with the...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2007/05/28 12:0 a.m.36 views

mutt -- buffer overflow vulnerability

Securityfocus reports: Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the with the privileges of the victim. Failed...

3.5CVSS6.6AI score0.00806EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2007/04/18 12:0 a.m.33 views

BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgssdservice.exe process listening by default on TCP po...

7.5CVSS5.2AI score0.04338EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/03/06 12:0 a.m.49 views

FreeBSD : mod_jk -- long URL stack overflow vulnerability (cf86c644-cb6c-11db-8e9d-000c6ec775d9)

TippingPoint and The Zero Day Initiative reports : This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler f...

7.5CVSS7.7AI score0.81513EPSS
Exploits8References4
Rows per page
Query Builder