Lucene search
1087 matches found

OSV
added 2014/08/25 2:55 p.m. | 9 views

PYSEC-2014-107

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

CVSS 4.9 | AI score 6 | EPSS 0.01592
Exploits 0 | References 5

Prion
added 2014/08/25 2:55 p.m. | 22 views

Code injection

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

CVSS 4.9 | AI score 6.6 | EPSS 0.01592
Exploits 0 | References 5 | Affected Software 2

PyPA
added 2014/08/25 2:55 p.m. | 5 views

PYSEC-2014-107

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

CVSS 4.9 | AI score 6.7 | EPSS 0.01592
Exploits 0 | References 5 | Affected Software 1

UbuntuCve
added 2014/08/15 12:0 a.m. | 36 views

CVE-2014-5251

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

CVSS 4.9 | AI score 5.9 | EPSS 0.01592
Exploits 0 | References 4

OSV
added 2014/08/15 12:0 a.m. | 4 views

UBUNTU-CVE-2014-5251

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

CVSS 4.9 | AI score 5.8 | EPSS 0.01592
Exploits 0 | References 5

RedHat Linux
added 2014/07/23 4:15 p.m. | 11 views

qemu: hpet: buffer overrun on invalid state load

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...

CVSS 7.5 | AI score 7.2 | EPSS 0.05261
Exploits 0 | References 4

ThreatPost
added 2014/05/30 10:22 a.m. | 7 views

Monsanto Suffers Data Breach at Precision Planting Unit

Monsanto, the massive international agricultural conglomerate, has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary. The breach included names, addresses, possibly Social Security numbers and some financial account...

AI score 1.5
Exploits 0 | References 3

Packet Storm
added 2014/03/26 12:0 a.m. | 19 views

DotItYourself 6.11.060830 Command Execution

Remote Command Execution on DotItYourself + Date: 26/03/2014 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on Windows 7 and Linux + Software info : https://www.precisionwebhosting.com/cgi.htm + Vulnerable File: dot-it-yourself.cgi + Version : Version...

AI score 7.4
Exploits 0

RedHat Linux
added 2014/03/18 7:43 p.m. | 4 views

array index error in dtoa implementation of many products

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVSS 6.8 | AI score 7.2 | EPSS 0.28167
Exploits 43 | References 4

RedHat Linux
added 2014/03/18 7:43 p.m. | 4 views

array index error in dtoa implementation of many products

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVSS 6.8 | AI score 7.2 | EPSS 0.28167
Exploits 43 | References 4

OSV
added 2014/02/20 12:0 a.m. | 1 views

UBUNTU-CVE-2013-4527

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...

CVSS 7.5 | AI score 7.2 | EPSS 0.05261
Exploits 0 | References 5

NVD
added 2013/08/28 1:13 p.m. | 12 views

CVE-2013-3582

Buffer overflow in Dell BIOS on Dell Latitude D, E, XT2, and Z600 devices, and Dell Precision M devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbupacket.pktNum value in...

CVSS 7.6 | AI score 6.7 | EPSS 0.02589
Exploits 1 | References 5

Prion
added 2013/08/28 1:13 p.m. | 14 views

Buffer overflow

Buffer overflow in Dell BIOS on Dell Latitude D, E, XT2, and Z600 devices, and Dell Precision M devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbupacket.pktNum value in...

CVSS 7.6 | AI score 7.3 | EPSS 0.02589
Exploits 1 | References 5

CVE
added 2013/08/28 10:0 a.m. | 48 views

CVE-2013-3582

CVE-2013-3582 describes a buffer overflow in Dell BIOS updates that affects Latitude D530/D531/D630/D631/D830, E5400/E5500/E4200/E4300/E6400/E6400 ATG/XFR, XT2, Z600, and Precision M2300/M4300/M6300/M6400/M6500/M2400/M4400; the flaw is in rbu_packet.pktNum and rbu_packet.pktSize handling, allowin...

CVSS 7.6 | AI score 6.9 | EPSS 0.02589
Exploits 1 | References 5 | Affected Software 22

OpenVAS
added 2013/08/20 12:0 a.m. | 20 views

Fedora Update for libtommath FEDORA-2013-14482

Check for the Version of libtommath OpenVAS Vulnerability Test Fedora Update for libtommath FEDORA-2013-14482 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

AI score 7.4
Exploits 0 | References 2

OpenVAS
added 2013/08/20 12:0 a.m. | 12 views

Fedora Update for libtommath FEDORA-2013-14488

Check for the Version of libtommath OpenVAS Vulnerability Test Fedora Update for libtommath FEDORA-2013-14488 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

AI score 7.4
Exploits 0 | References 2

Fedora
added 2013/08/18 9:30 p.m. | 14 views

[SECURITY] Fedora 18 Update: libtommath-0.42.0-2.fc18

A free open source portable number theoretic multiple-precision integer library written entirely in C. phew!. The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration...

AI score 2.1
Exploits 0

CERT
added 2013/08/15 12:0 a.m. | 83 views

Dell BIOS in some Latitude laptops and Precision Mobile Workstations vulnerable to buffer overflow

Overview Dell BIOS in some older Latitude laptops and Precision Mobile Workstations are vulnerable to buffer overflows CWE-119, which can bypass the signed BIOS enforcement standard. Description CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer Dell BIOS in some olde...

CVSS 7.6 | AI score 7 | EPSS 0.02589
Exploits 1 | References 3

Cisco
added 2013/06/25 5:26 p.m. | 21 views

Cisco Jabber Video Engine Denial of Service Vulnerability

A vulnerability in Cisco's Precision Video Engine CVPE code could allow an unauthenticated, remote attacker to cause the crash of various processes and the disconnection of any active calls. The vulnerability is due to improper handling of crafted Real-Time Protocol RTP packets sent at a high rat...

CVSS 5 | AI score 1.5 | EPSS 0.01232
Exploits 0 | References 1

ThreatPost
added 2013/05/31 4:27 p.m. | 15 views

Oracle Java Security Enhancements Get Mixed Reviews

Oracle is working hard to restore some faith in the security of the Java browser plug-in with a number of enhancements announced yesterday, specifically to in-house code testing, as well as policy changes regarding signed applets and certificate validation. But after a miserable year of targeted...

Exploits 0 | References 1