627 matches found

RedHat Linux
added 2019/09/27 12:14 a.m., 198 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.18 security update

An update for golang-github-openshift-oauth-proxy-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 7.5 | AI score 6.7 | EPSS 0.95707
Exploits: 7 | References: 2

Kitploit
added 2019/08/25 1:0 p.m., 213 views

Sublert - Security And Reconnaissance Tool Which Leverages Certificate Transparency To Automatically Monitor New Subdomains Deployed By Specific Organizations And Issued TLS/SSL Certificate

Sublert is a security and reconnaissance tool that was written in Python to leverage certificate transparency for the sole purpose of monitoring new subdomains deployed by specific organizations and issued TLS/SSL certificate. The tool is supposed to be scheduled to run periodically at fixed time...

AI score 7.3
Exploits: 0 | References: 2

Tenable Nessus
added 2019/08/12 12:0 a.m., 40 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : python Vulnerability (NS-SA-2019-0022)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python packages installed that are affected by a vulnerability: - A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some...

CVSS 7.5 | AI score 6.9 | EPSS 0.95707
Exploits: 7 | References: 2

Tenable Nessus
added 2019/08/12 12:0 a.m., 354 views

NewStart CGSL MAIN 4.05 : gnutls Multiple Vulnerabilities (NS-SA-2019-0109)

The remote NewStart CGSL host, running version MAIN 4.05, has gnutls packages installed that are affected by multiple vulnerabilities: - Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have...

CVSS 9.8 | AI score 7.1 | EPSS 0.39657
Exploits: 1 | References: 5

RedHat Linux
added 2019/05/20 2:12 p.m., 176 views

Moderate: Red Hat Security Advisory: Red Hat Quay 3.0.2 security and bug fix update

An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVSS 7.5 | AI score 6.7 | EPSS 0.95707
Exploits: 7 | References: 3

Tenable Nessus
added 2019/05/14 12:0 a.m., 42 views

EulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttl...

CVSS 10 | AI score 7.5 | EPSS 0.95707
Exploits: 21 | References: 17

Tenable Nessus
added 2019/05/14 12:0 a.m., 34 views

EulerOS Virtualization for ARM 64 3.0.1.0 : python (EulerOS-SA-2019-1403)

According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an...

CVSS 9.8 | AI score 6.9 | EPSS 0.95707
Exploits: 8 | References: 5

Veracode
added 2019/05/02 6:30 a.m., 38 views

Man-in-the-Middle (MitM)

PostgreSQL is vulnerable to man-in-the-middle attacks. This is because PostgreSQL client library libpq does not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An attacker could use this flaw to strip the SSL/TLS protection fr...

CVSS 5.9 | AI score 8 | EPSS 0.02042
Exploits: 0 | References: 14 | Affected Software: 7

Veracode
added 2019/05/02 6:2 a.m., 26 views

Null Pointer Dereference

NSS is vulnerable to NULL pointer dereference attacks. A remote client could use this flaw to crash a TLS/SSL server using NSS which leads to denial of service attacks...

CVSS 7.5 | AI score 7.1 | EPSS 0.02279
Exploits: 0 | References: 17 | Affected Software: 2

Veracode
added 2019/05/02 5:51 a.m., 31 views

Session Hijacking

curl and libcurl are vulnerable to session hijacking. TLS/SSL backend incorrectly reuses client certificates for subsequent TLS connections in certain cases. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection wi...

CVSS 7.5 | AI score 8.4 | EPSS 0.08404
Exploits: 0 | References: 20 | Affected Software: 4

Veracode
added 2019/05/02 5:41 a.m., 31 views

Arbitrary Code Execution

Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Red Ha...

CVSS 9.3 | AI score 6.4 | EPSS 0.06138
Exploits: 0 | References: 353 | Affected Software: 31

Veracode
added 2019/05/02 5:41 a.m., 29 views

Sandbox Restrictions Bypass

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java...

CVSS 9.8 | AI score 5.3 | EPSS 0.9986
Exploits: 1 | References: 20 | Affected Software: 1

Veracode
added 2019/05/02 5:41 a.m., 31 views

Sandbox Restrictions Bypass

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java...

CVSS 9.8 | AI score 5.3 | EPSS 0.9986
Exploits: 1 | References: 20 | Affected Software: 1

Veracode
added 2019/05/02 5:41 a.m., 30 views

Sandbox Restrictions Bypass

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java...

CVSS 9.8 | AI score 5.3 | EPSS 0.9986
Exploits: 1 | References: 20 | Affected Software: 1

Veracode
added 2019/05/02 5:39 a.m., 42 views

Denial Of Service (DoS)

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS clie...

CVSS 7.5 | AI score 8.1 | EPSS 0.74483
Exploits: 1 | References: 13 | Affected Software: 1

Veracode
added 2019/05/02 5:12 a.m., 32 views

Improper Access Control

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untruste...

CVSS 9.3 | AI score 4.6 | EPSS 0.04783
Exploits: 0 | References: 10 | Affected Software: 1

Veracode
added 2019/05/02 5:12 a.m., 35 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

CVSS 6.8 | AI score 4.7 | EPSS 0.04102
Exploits: 0 | References: 36 | Affected Software: 3

Veracode
added 2019/05/02 5:12 a.m., 49 views

Privilege Escalation

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

CVSS 6.8 | AI score 4.7 | EPSS 0.04102
Exploits: 0 | References: 32 | Affected Software: 3

Veracode
added 2019/05/02 5:12 a.m., 42 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...

CVSS 6.8 | AI score 4.7 | EPSS 0.04102
Exploits: 0 | References: 34 | Affected Software: 3

Veracode
added 2019/05/02 5:0 a.m., 36 views

Authentication Bypass

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled...

CVSS 7.5 | AI score 7 | EPSS 0.04399
Exploits: 0 | References: 24 | Affected Software: 3