Lucene search
K

4653 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/10/09 9:0 a.m.19 views

Security Bulletin: IBM Netcool/OMNIbus Probe DSL Factory Framework is affected by Apache Camel's Core vulnerability

Summary IBM Netcool/OMNIbus Probe DSL Factory Framework probe-dsl-framework-40 has addressed the following vulnerability caused by Apache Camel's Core component. Vulnerability Details CVEID: CVE-2018-8027 DESCRIPTION: Apache Camel's Core could allow a remote attacker to obtain sensitive...

9.8CVSS1AI score0.05517EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/25 3:11 p.m.135 views

Security update for gnutls (moderate)

This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to...

5CVSS0.6AI score0.0499EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/09/25 12:0 a.m.30 views

SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-1)

This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

7.5CVSS6.6AI score0.0499EPSS
Exploits1References13
NVD
NVD
added 2018/09/20 1:29 p.m.18 views

CVE-2018-5871

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,...

6.5CVSS6.8AI score0.00277EPSS
Exploits0References2
NVD
NVD
added 2018/09/20 1:29 p.m.25 views

CVE-2018-11290

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, SnapdragonHighMed2016, MAC...

7.5CVSS7.6AI score0.00845EPSS
Exploits0References3
Prion
Prion
added 2018/09/20 1:29 p.m.30 views

Code injection

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,...

3.3CVSS6.7AI score0.00277EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/09/20 1:0 p.m.29 views

CVE-2018-11290

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, SnapdragonHighMed2016, MAC...

7.6AI score0.00845EPSS
Exploits0References3
NVD
NVD
added 2018/09/18 6:29 p.m.19 views

CVE-2018-11276

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe...

7.8CVSS7.5AI score0.00187EPSS
Exploits0References3
n0where
n0where
added 2018/08/22 6:21 p.m.37 views

Covert Backdoor Transmission Method: GhostTunnel

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...

1AI score
Exploits0References1
OSV
OSV
added 2018/08/22 1:29 p.m.6 views

DEBIAN-CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...

5.6CVSS5.7AI score0.00388EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/08/22 1:0 p.m.31 views

CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...

5.6CVSS5.8AI score0.00388EPSS
Exploits0
OSV
OSV
added 2018/08/22 12:0 a.m.5 views

UBUNTU-CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...

5.6CVSS6.5AI score0.00388EPSS
Exploits0References4
n0where
n0where
added 2018/08/18 11:1 p.m.477 views

Rogue Access Point Toolkit : hostapd-mana

hostapd-mana is a featureful rogue wifi access point tool. It can be used for a myriad of purposes from tracking and deanonymising devices aka Snoopy, gathering corporate credentials from devices attempting EAP aka WPE or attracting as many devices as possible to connect to perform MitM attacks...

1.6AI score
Exploits0References2
OSV
OSV
added 2018/08/08 12:29 a.m.4 views

ALPINE-CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

7.5CVSS6.7AI score0.06081EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2018/07/03 5:18 p.m.12 views

More Federal Agencies Wrapped Up in Facebook Data Privacy Probe

The Securities and Exchange Commission, FBI, and the Department of Justice are now reportedly investigating the social media giant after it failed to disclose that more than the data of 70 million platform users had leaked through a third-party application, sources told the Washington Post, Monda...

0.3AI score
Exploits0References6
Packet Storm
Packet Storm
added 2018/07/02 12:0 a.m.37 views

ntop-ng Authentication Bypass

Vulnerability title: ntop-ng 3.4.180617 - Authentication Bypass Author: Ioannis Profetis Contact: me at x86.re Vulnerable versions: 3.4.180617-4560 Fixed version: 3.4.180617 Link: ntop.org Date: 2.07.2018 CVE-2018-12520 Product Details ntopng is the next generation version of the original ntop, a...

0.6AI score0.10675EPSS
Exploits5
Nmap
Nmap
added 2018/06/23 7:46 p.m.646 views

broadcast-jenkins-discover NSE Script

Discovers Jenkins servers on a LAN by sending a discovery broadcast probe. For more information about Jenkins auto discovery, see: Script Arguments broadcast-jenkins.address address to which the probe packet is sent. default: 255.255.255.255 broadcast-jenkins.timeout socket timeout default: 5s...

10CVSS9.1AI score0.99448EPSS
Exploits33
Nmap
Nmap
added 2018/06/23 7:11 p.m.313 views

broadcast-hid-discoveryd NSE Script

Discovers HID devices on a LAN by sending a discoveryd network broadcast probe. For more information about HID discoveryd, see: Script Arguments broadcast-hid-discoveryd.timeout socket timeout default: 5s broadcast-hid-discoveryd.address address to which the probe packet is sent. default:...

10CVSS9.3AI score0.99448EPSS
Exploits33
Kitploit
Kitploit
added 2018/06/17 2:54 p.m.24 views

Probequest - Toolkit For Playing With Wi-Fi Probe Requests

Toolkit allowing to sniff and display the Wi-Fi probe requests passing near your wireless interface. Probe requests are sent by a station to elicit information about access points, in particular to determine if an access point is present or not in the nearby environment. Some devices mostly...

6.9AI score
Exploits0References1
OSV
OSV
added 2018/06/12 12:0 a.m.4 views

UBUNTU-CVE-2018-5814

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets...

7CVSS6.7AI score0.0038EPSS
Exploits0References9
Rows per page
Query Builder