Lucene search
K

154 matches found

Tenable Nessus
Tenable Nessus
added 2018/02/12 12:0 a.m.29 views

Debian DSA-4108-1 : mailman - security update

Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster. C Tenable Network...

6.1CVSS6.6AI score0.04569EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2018/02/08 12:0 a.m.42 views

Debian: Security Advisory (DSA-4108-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.04569EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2017/01/24 12:0 a.m.46 views

openSUSE Security Update : python3-sleekxmpp (openSUSE-2017-137)

This update for python3-sleekxmpp fixes the following issues : - Check the origin of roster pushes 2015-8688, 2016-9928, boo1014976. Also see https://gultsch.de/gajimrosterpushandmessageinterce ption.html - An error in legacyauth support was fixed %NASLMINLEVEL 70300 C Tenable Network Security,...

7.4CVSS5.9AI score0.04512EPSS
Exploits2References4
Openbugbounty
Openbugbounty
added 2017/01/04 2:13 p.m.12 views

11827.digitalsports.com XSS vulnerability

Vulnerable URL: http://11827.digitalsports.com/pages/roster/?levelid=2'"--!...

6.9AI score
Exploits0
OSV
OSV
added 2016/12/30 10:22 p.m.11 views

MGASA-2016-0433 Updated mcabber packages fix security vulnerability

It was discovered that there was a "roster push attack" vulnerability in mcabber, a console-based Jabber XMPP client. A remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza CVE-2016-9928...

7.4CVSS7.2AI score0.04512EPSS
Exploits2References5
Mageia
Mageia
added 2016/12/30 10:22 p.m.45 views

Updated mcabber packages fix security vulnerability

It was discovered that there was a "roster push attack" vulnerability in mcabber, a console-based Jabber XMPP client. A remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza CVE-2016-9928...

7.4CVSS2.9AI score0.04512EPSS
Exploits2References4
Slackware Linux
Slackware Linux
added 2016/12/12 11:10 p.m.46 views

[slackware-security] mcabber

New mcabber packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/loudmouth-1.5.3-i586-1slack14.2.txz: Upgraded. This update is needed for the mcabber security update...

7.4CVSS7.3AI score0.04512EPSS
Exploits2
Debian
Debian
added 2016/11/27 10:13 a.m.14 views

[SECURITY] [DLA 724-1] mcabber security update

Package : mcabber Version : 0.10.1-3+deb7u1 Debian Bug : 845258 It was discovered that there was a "roster push attack" 0 in mcabber, a console-based Jabber XMPP client. For Debian 7 "Wheezy", this issue has been fixed in mcabber version 0.10.1-3+deb7u1. We recommend that you upgrade your mcabber...

7.2AI score
Exploits0
OSV
OSV
added 2016/11/27 12:0 a.m.30 views

DLA-724-1 mcabber - security update

Bulletin has no description...

7.4CVSS7.2AI score0.04512EPSS
Exploits2
NVD
NVD
added 2016/05/20 10:59 a.m.21 views

CVE-2016-1844

The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors...

5.3CVSS6AI score0.01912EPSS
Exploits0References4
OSV
OSV
added 2016/05/20 10:59 a.m.4 views

CVE-2016-1844

The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors...

5.3CVSS7.3AI score0.01912EPSS
Exploits0References4
Prion
Prion
added 2016/05/20 10:59 a.m.13 views

Design/Logic Flaw

The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors...

5CVSS6.4AI score0.01912EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/05/20 10:0 a.m.24 views

CVE-2016-1844

The Messages component in Apple OS X before 10.11.5 mishandles roster changes, which allows remote attackers to modify contact lists via unspecified vectors...

5.6AI score0.01912EPSS
Exploits0References4
CVE
CVE
added 2016/05/20 10:0 a.m.57 views

CVE-2016-1844

CVE-2016-1844 affects OS X El Capitan (Messages) where a validation issue in roster changes could allow a remote attacker to modify another user’s contact list. Apple’s security content (HT206567) indicates this CVE is addressed in OS X El Capitan v10.11.5 and Security Update 2016-003, implying a...

5.3CVSS5.8AI score0.01912EPSS
Exploits0References4Affected Software1
hackapp
hackapp
added 2016/04/01 8:50 a.m.6 views

Roster-Calendar - Apache license, BSD license, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Roster-Calendar published at the 'play' market has multiple vulnerabilities...

7.2AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2016/03/08 12:0 a.m.19 views

Debian: Security Advisory (DSA-3492-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS5.8AI score0.01723EPSS
Exploits1References3
Debian
Debian
added 2016/02/25 4:27 p.m.53 views

[SECURITY] [DSA 3492-1] gajim security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3492-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 25, 2016 https://www.debian.org/security/faq -...

5.8CVSS5.2AI score0.01723EPSS
Exploits1
Debian
Debian
added 2016/02/09 6:27 a.m.48 views

[SECURITY] [DLA 413-1] gajim security update

Package : gajim Version : 0.13.4-3+squeeze4 CVE ID : CVE-2015-8688 Debian Bug : 809900 Affected versions of gajim allow remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza. This has been fixed in squeeze-lts by version 0.13.4-3+squeeze4. - -- Brian May...

5.8CVSS5.6AI score0.01723EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2016/02/09 12:0 a.m.28 views

Debian DLA-413-1 : gajim security update

Affected versions of gajim allow remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza. This has been fixed in squeeze-lts by version 0.13.4-3+squeeze4. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...

5.8CVSS5.5AI score0.01723EPSS
Exploits1References3
OSV
OSV
added 2016/02/09 12:0 a.m.19 views

DLA-413-1 gajim - security update

Bulletin has no description...

5.8CVSS5.6AI score0.01723EPSS
Exploits1
Rows per page
Query Builder