
4308 matches found

Kitploit
added 2014/12/09 2:26 a.m., 10 views

AutoScan-Network - Automatically scan your network

AutoScan-Network is a network scanner (discovering and managing application). No configuration is required to scan your network. The main goal is to print the list of connected equipment in your network. System Requirements: Mac OS X 10.5 or later; Microsoft Windows XP, Vista; GNU/Linux; Maemo 4...

7.2 AI score
Exploits: 0
Tenable Nessus
added 2014/12/05 12:0 a.m., 54 views

Amazon Linux AMI : kernel (ALAS-2014-455)

The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. (CVE-2014-7841) The pivot_root...

7.8 CVSS, 6.5 AI score, 0.0523 EPSS
Exploits: 10, References: 5
RedHat Linux
added 2014/12/02 11:42 p.m., 1 view

Mozilla: Use-after-free during HTML5 parsing (MFSA 2014-87)

Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document duri...

6.8 CVSS, 7.3 AI score, 0.03377 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2014/11/28 12:0 a.m., 51 views

Mandriva Linux Security Advisory : kernel (MDVSA-2014:230)

Multiple vulnerabilities have been found and corrected in the Linux kernel: The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause...

7.8 CVSS, 6.7 AI score, 0.08579 EPSS
Exploits: 7, References: 12
Ubuntu
added 2014/11/25 3:20 a.m., 98 views

USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access...

7.5 CVSS, 6.9 AI score, 0.05421 EPSS
Exploits: 1
Tenable Nessus
added 2014/11/25 12:0 a.m., 276 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2419-1)

A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access...

7.5 CVSS, 6.9 AI score, 0.05421 EPSS
Exploits: 1, References: 5
Atlassian
added 2014/11/21 8:54 a.m., 31 views

Restricted page at the Home Page layer is shown at the sidebar page tree

Problem: The page which is restricted to user A only is shown on the page tree and the left sidebar when the page is at the top level of the page tree, which is at the same level as the home page. This is replicable on my dev instance. Create a test space. Create Page A and make sure the locati...

0.3 AI score
Exploits: 0, Affected Software: 1
Mageia
added 2014/11/15 6:47 p.m., 58 views

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream -longterm 3.10.58 and fixes the following security issues: The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to 1...

7.2 CVSS, 7.3 AI score, 0.01168 EPSS
Exploits: 6, References: 8
RedHat Linux
added 2014/10/21 8:22 p.m., 1 view

wireshark: HIP dissector infinite loop (wnpa-sec-2014-16)

The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...

5 CVSS, 5.9 AI score, 0.02377 EPSS
Exploits: 0, References: 5
UbuntuCve
added 2014/10/20 5:55 p.m., 33 views

CVE-2014-5026

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...

3.5 CVSS, 7.2 AI score, 0.01914 EPSS
Exploits: 1, References: 2
Prion
added 2014/10/20 5:55 p.m., 18 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...

3.5 CVSS, 5.5 AI score, 0.01914 EPSS
Exploits: 1, References: 8, Affected Software: 3
OSV
added 2014/10/20 5:55 p.m., 0 views

UBUNTU-CVE-2014-5026

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...

3.5 CVSS, 7.3 AI score, 0.01914 EPSS
Exploits: 1, References: 3
Debian CVE
added 2014/10/20 5:0 p.m., 25 views

CVE-2014-5026

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...

3.5 CVSS, 7.7 AI score, 0.01914 EPSS
Exploits: 1
RedHat Linux
added 2014/10/14 7:22 a.m., 2 views

chromium: multiple security fixes in Chrome 38.0.2125.101

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

7.5 CVSS, 7.6 AI score, 0.01441 EPSS
Exploits: 0, References: 5
OSV
added 2014/10/13 10:55 a.m., 2 views

DEBIAN-CVE-2014-7970

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call...

5.5 CVSS, 7.1 AI score, 0.00673 EPSS
Exploits: 1, References: 1
Prion
added 2014/10/13 10:55 a.m., 29 views

Code injection

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call...

4.9 CVSS, 6.4 AI score, 0.00673 EPSS
Exploits: 1, References: 16, Affected Software: 3
OSV
added 2014/10/13 12:0 a.m., 3 views

UBUNTU-CVE-2014-7970

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call...

5.5 CVSS, 6.7 AI score, 0.00673 EPSS
Exploits: 1, References: 8
NVD
added 2014/10/08 10:55 a.m., 16 views

CVE-2014-3191

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

7.5 CVSS, 7.2 AI score, 0.01441 EPSS
Exploits: 0, References: 5
Prion
added 2014/10/08 10:55 a.m., 13 views

Design/Logic Flaw

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

7.5 CVSS, 7.8 AI score, 0.01441 EPSS
Exploits: 0, References: 5, Affected Software: 5
Cvelist
added 2014/10/08 10:0 a.m., 34 views

CVE-2014-3191

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

7.1 AI score, 0.01441 EPSS
Exploits: 0, References: 5