Lucene search
K

852 matches found

Positive Technologies
Positive Technologies
added 2016/01/12 12:0 a.m.4 views

PT-2016-3900 · Grassroots · Grassroot Dicom

Name of the Vulnerable Software and Affected Versions: Grassroots DICOM versions prior to 2.6.2 Description: The issue allows remote attackers to obtain sensitive information from process memory or cause a denial of service via an embedded JPEG-LS image with dimensions larger than the selected...

8.2CVSS7.4AI score0.03609EPSS
Exploits1References15
CNVD
CNVD
added 2016/01/06 12:0 a.m.7 views

IBM Security QRadar SIEM Cross-Site Scripting Vulnerability

IBM Security QRadar SIEM is an IBM USA solution that consolidates log-sourced event data from thousands of devices and applications dispersed throughout the network. The solution stores each event in its raw form and then performs instant correlation of events to differentiate between actual...

5.4CVSS5.9AI score0.00622EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/22 12:0 a.m.3 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2015-06982)

Oracle MySQL Server is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost, good reliability and so on. An unspecified vulnerability exists in Oracle MySQL Server versions 5.5.45 and earlier and 5.6.26 and earlier. ...

3.5CVSS8.2AI score0.02729EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The kernel-abi-whitelists-2.6.32 package on the CentOS operating system has multiple vulnerabilities. Exploiting these vulnerabilities can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

10CVSS6.6AI score0.0523EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2014/10/21 2:55 p.m.3 views

CVE-2012-5242

Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter in a gettemplate action...

6.8CVSS5.9AI score0.02537EPSS
Exploits5References3
Positive Technologies
Positive Technologies
added 2012/05/29 12:0 a.m.4 views

PT-2012-1143 · Puppet +1 · Puppet Enterprise (Pe) Users +2

Name of the Vulnerable Software and Affected Versions: Puppet versions 2.6.x through 2.6.14 Puppet versions 2.7.x through 2.7.12 Puppet Enterprise PE Users versions 1.0 through 1.2.x Puppet Enterprise PE Users versions 2.0.x through 2.5.0 Description: The issue allows remote authenticated users...

6CVSS6.7AI score0.02632EPSS
Exploits0References37
Positive Technologies
Positive Technologies
added 2012/04/17 12:0 a.m.2 views

PT-2012-3357 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.22 Description: The issue is related to a double free vulnerability in the xfrm6 tunnel rcv function. This vulnerability can be exploited by remote attackers who send crafted IPv6 packets, potentially causin...

5CVSS8.5AI score0.03615EPSS
Exploits2References12
Positive Technologies
Positive Technologies
added 2011/10/29 12:0 a.m.4 views

PT-2011-4840 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6 Description: The issue is related to a buffer overflow in the xfs readlink function, which can cause memory corruption and a crash, potentially allowing the execution of arbitrary code. This occurs when CONFIG XFS DEB...

7.8CVSS7.2AI score0.20492EPSS
Exploits19References88
OSV
OSV
added 2011/10/27 8:55 p.m.2 views

DEBIAN-CVE-2011-3848

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request CSR to arbitrary locations via 1 a double-encoded key parameter in the URI in 2.7.x, 2 the CN in the Subject of a CSR in 2.6 and 0.25...

5CVSS7AI score0.01115EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/05/05 6:52 p.m.6 views

(CGIHTTPServer): CGI script source code disclosure

The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / slash character at the beginning of the URI...

5CVSS7.3AI score0.03924EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2011/03/01 12:0 a.m.7 views

PT-2011-1487 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue is related to the socket implementation in the Linux kernel, which does not properly manage a backlog of received packets. This allows remote attackers to cause a denial of service ...

9CVSS5.9AI score0.0389EPSS
Exploits8References62
Positive Technologies
Positive Technologies
added 2011/02/02 12:0 a.m.3 views

PT-2011-2420 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.38-rc2 Description: The issue is related to the dvb ca ioctl function in the Linux kernel, which does not properly check the sign of a certain integer field. This oversight allows local users to potentially...

7.8CVSS5.6AI score0.02523EPSS
Exploits6References36
Positive Technologies
Positive Technologies
added 2010/12/16 12:0 a.m.7 views

PT-2010-5202 · Microsoft · Windows Movie Maker

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Movie Maker version 2.6 Description: The issue is related to an untrusted search path vulnerability, which allows local users to gain privileges. This can be achieved by placing a Trojan horse DLL in the current working...

9.3CVSS6.2AI score0.20488EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2010/11/20 12:0 a.m.3 views

PT-2010-5331 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37-rc2 Description: The issue is related to the do tcp setsockopt function in the Linux kernel, which does not properly restrict TCP MAXSEG aka MSS values. This allows local users to cause a denial of servic...

4.9CVSS4.1AI score0.01355EPSS
Exploits18References33
RedHat Linux
RedHat Linux
added 2010/08/10 5:35 p.m.3 views

kernel: xfs swapext ioctl minor security issue

The xfsswapext function in fs/xfs/xfsdfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file...

2.1CVSS5.8AI score0.00434EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/03/17 3:1 a.m.8 views

kernel: sctp remote denial of service

The sctprcvootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service infinite loop via 1 an Out Of The Blue OOTB chunk or 2 a chunk of zero length...

7.8CVSS5.9AI score0.0452EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/02/02 8:26 p.m.8 views

kernel: megaraid_sas permissions in sysfs

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...

7.1CVSS7.1AI score0.00444EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/01/08 3:47 p.m.5 views

kernel: Missing ioctl() permission checks in aacraid driver

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

1.9CVSS5.8AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/07/16 9:57 a.m.5 views

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

10CVSS5.8AI score0.03102EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2008/01/29 12:0 a.m.5 views

PT-2008-1820 · Ge Fanuc · Ge Fanuc Proficy Real-Time Information Portal

Name of the Vulnerable Software and Affected Versions: GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier Description: The issue allows remote attackers to steal passwords and gain privileges due to the use of HTTP Basic Authentication, which transmits usernames and passwords ...

9.8CVSS9.6AI score0.01957EPSS
Exploits0References8
Rows per page
Query Builder