Lucene search
K

69 matches found

Tenable Nessus
Tenable Nessus
added 2016/06/22 12:0 a.m.46 views

OracleVM 3.2 : kernel-uek (OVMSA-2016-0060)

The remote OracleVM system is missing necessary patches to address critical security updates : - IPoIB: increase send queue size to 4 times Ajaykumar Hotchandani - IB/ipoib: Change send workqueue size for CM mode Ajaykumar Hotchandani Orabug: 22287489 - Avoid 60sec timeout when receiving rtpg sen...

7.8CVSS6.5AI score0.03693EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2016/05/20 12:0 a.m.65 views

Unbreakable Enterprise kernel security update

2.6.39-400.278.3 - net: add validation for the socket syscall protocol argument Hannes Frederic Sowa Orabug: 23267976 CVE-2015-8543 CVE-2015-8543 - ipv6: addrconf: validate new MTU before applying it Marcelo Leitner Orabug: 23263251 CVE-2015-8215 - ext4: avoid hang when mounting non-journal...

6.9CVSS0.7AI score0.03693EPSS
Exploits0
OSV
OSV
added 2016/02/22 9:24 p.m.5 views

USN-2910-1 linux-lts-vivid vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS6.7AI score0.0123EPSS
Exploits4References8
OSV
OSV
added 2016/02/22 7:44 p.m.4 views

USN-2907-1 linux vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS6.7AI score0.0123EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.30 views

MantisBT 1.1.2 - 1.2.17 XSS Vulnerability - Windows

MantisBT is prone to a cross-site scripting XSS vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

4.3CVSS5.3AI score0.01995EPSS
Exploits0References4
NVD
NVD
added 2015/01/09 6:59 p.m.28 views

CVE-2014-9272

The stringinserthref function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting XSS attacks via the javascript:// protocol...

4.3CVSS5.2AI score0.01995EPSS
Exploits0References6
CVE
CVE
added 2010/12/06 9:0 p.m.470 views

CVE-2010-4252

OpenSSL CVE-2010-4252: When J-PAKE is enabled, OpenSSL

7.5CVSS8.9AI score0.08076EPSS
In wildExploits1References16Affected Software1
Gentoo Linux
Gentoo Linux
added 2007/03/18 12:0 a.m.34 views

LTSP: Authentication bypass in included LibVNCServer code

Background The Linux Terminal Server Project adds thin-client support to Linux servers. Description The LTSP server includes vulnerable LibVNCServer code, which fails to properly validate protocol types effectively letting users decide what protocol to use, such as "Type 1 - None" GLSA-200608-05...

7.5CVSS6.5AI score0.04283EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/08/04 12:0 a.m.34 views

GLSA-200608-05 : LibVNCServer: Authentication bypass

The remote host is affected by the vulnerability described in GLSA-200608-05 LibVNCServer: Authentication bypass LibVNCServer fails to properly validate protocol types effectively letting users decide what protocol to use, such as 'Type 1 - None'. LibVNCServer will accept this security type, even...

7.5CVSS8.2AI score0.04283EPSS
Exploits0References2
Rows per page
Query Builder