1616 matches found

BDU FSTEC
added 2016/07/05 12:0 a.m., 3 views

A vulnerability in the Firefox ESR browser allows an attacker to execute arbitrary code or cause a denial of service.

Mozilla Firefox ESR contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a denial of service by manipulating server permissions...

CVSS 10, AI score 7.6, EPSS 0.04648
Exploits 1, References 4, Affected Software 1
Tenable Nessus
added 2016/06/15 12:0 a.m., 18 views

openSUSE Security Update : clamav-database (openSUSE-2016-726)

This update for clamav-database refreshes the database. This update was imported from the SUSE:SLE-12:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-726...

AI score 7
Exploits 0
Tenable Nessus
added 2016/04/13 12:0 a.m., 15 views

openSUSE Security Update : clamav-database (openSUSE-2016-451)

This update provides a database refresh for the clamav-database. This update was imported from the SUSE:SLE-12:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

AI score 5.4
Exploits 0
Tenable Nessus
added 2015/12/22 12:0 a.m., 32 views

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

CVSS 6.8, AI score 7.1, EPSS 0.03666
Exploits 0, References 2
OpenVAS
added 2015/11/20 12:0 a.m., 30 views

RedHat Update for sssd RHSA-2015:2355-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8, AI score 6.5, EPSS 0.03666
Exploits 0, References 2
OSV
added 2015/11/06 9:59 p.m., 1 views

DEBIAN-CVE-2015-5225

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...

CVSS 7.2, AI score 8.3, EPSS 0.00533
Exploits 0, References 1
RedHat Linux
added 2015/09/14 4:22 a.m., 2 views

Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface

A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...

CVSS 7.2, AI score 7.9, EPSS 0.00533
Exploits 0, References 4
UbuntuCve
added 2015/08/25 12:0 a.m., 31 views

CVE-2015-5225

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...

CVSS 7.2, AI score 7, EPSS 0.00533
Exploits 0, References 2
Tenable Nessus
added 2015/07/07 12:0 a.m., 229 views

Mac OS X Multiple EFI Vulnerabilities (EFI Security Update 2015-001)

The remote Mac OS X host is running EFI firmware that is affected by multiple vulnerabilities: - An insufficient locking issue exists, when resuming from sleep states, which allows a local attacker to write to the EFI flash memory by using a crafted application with root privileges. CVE-2015-36...

CVSS 9.3, AI score 6.2, EPSS 0.07659
Exploits 0, References 3
Prion
added 2015/07/03 2:0 a.m., 20 views

Design/Logic Flaw

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message...

CVSS 4.3, AI score 6.2, EPSS 0.01913
Exploits 0, References 6, Affected Software 2
Prion
added 2015/07/03 1:59 a.m., 23 views

Memory corruption

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by...

CVSS 9.3, AI score 7.1, EPSS 0.07659
Exploits 0, References 8, Affected Software 1
CVE
added 2015/07/03 1:0 a.m., 65 views

CVE-2015-3710

CVE-2015-3710 affects Apple Mail on iOS <= 8.3/8.4? and OS X

CVSS 4.3, AI score 3.7, EPSS 0.01913
Exploits 0, References 6, Affected Software 1
Hacker One
added 2015/04/06 11:56 p.m., 32 views

Internet Bug Bounty: Race Conditions in OAuth 2 API implementations

Most OAuth 2 API implementations seem to have multiple Race Condition vulnerabilities for processing requests for Access Token or Refresh Token. A Race Condition allows a malicious application to obtain several access_token and refresh_token pairs while only one pair should be generated. Further, ...

AI score 7.3
Exploits 0
RedHat Linux
added 2015/02/24 1:44 p.m., 3 views

JDK: Privilege escalation issue

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...

CVSS 7.5, AI score 6, EPSS 0.05053
Exploits 0, References 5
Cisco
added 2015/01/14 3:54 p.m., 31 views

Cisco WebEx Meetings Server User Enumeration Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to guess valid user accounts on the targeted system. The vulnerability exists because the affected software fails to refresh the CAPTCHA on the login page. An attacker could exploit this vulnerability b...

CVSS 5, AI score 6.5, EPSS 0.01369
Exploits 0, References 1
RedHat Linux
added 2014/08/11 4:54 p.m., 3 views

JDK: Privilege escalation issue

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...

CVSS 7.5, AI score 6, EPSS 0.05053
Exploits 0, References 5
RedHat Linux
added 2014/08/11 4:44 p.m., 4 views

JDK: Privilege escalation issue

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...

CVSS 7.5, AI score 6, EPSS 0.05053
Exploits 0, References 5
RedHat Linux
added 2014/08/07 9:24 p.m., 4 views

JDK: Privilege escalation issue

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...

CVSS 7.5, AI score 6, EPSS 0.05053
Exploits 0, References 5
RedHat Linux
added 2014/08/07 4:52 p.m., 3 views

JDK: Privilege escalation issue

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager...

CVSS 7.5, AI score 6, EPSS 0.05053
Exploits 0, References 5
RedHat Linux
added 2014/07/29 3:40 p.m., 2 views

JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier f...

CVSS 5.8, AI score 7.3, EPSS 0.02093
Exploits 0, References 4