Lucene search
K

1272 matches found

Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.34 views

Amazon Linux AMI : kernel (ALAS-2012-58)

The ExecShield feature does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. C Tenable Network Security,...

1.9CVSS5.5AI score0.00358EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.39 views

Amazon Linux AMI : openssl (ALAS-2012-38)

It was discovered that the Datagram Transport Layer Security DTLS protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding...

5CVSS7.4AI score0.16645EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.26 views

Amazon Linux AMI : php (ALAS-2013-211)

A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xmlparseintostruct function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitra...

6.8CVSS8.8AI score0.05186EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : php (ALAS-2012-116)

Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

10CVSS8.3AI score0.10467EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : kernel / nvidia (ALAS-2013-148)

A malicious Network File System version 4 NFSv4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. CVE-2012-2375 , Moderate A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the...

7.1CVSS6.7AI score0.03614EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.46 views

Amazon Linux AMI : kernel (ALAS-2011-22)

The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service CPU consumption via a crafted application that makes epollcreate and epollctl system calls. Buffer overflow in the...

6.9CVSS6.9AI score0.00795EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.33 views

Amazon Linux AMI : texlive (ALAS-2012-48)

TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code : Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics AFM files. If a specially crafted font file was...

7.6CVSS6.2AI score0.1427EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.43 views

Amazon Linux AMI : php (ALAS-2011-07)

The MITRE CVE database describes these CVEs as : Revert isa behavior to php = 5.3.6 and add a new new option allowstring for the new behavior accept string and raise autoload if needed Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent...

7.5CVSS9.1AI score0.22724EPSS
Exploits17References9
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.25 views

Amazon Linux AMI : freetype (ALAS-2011-08)

The MITRE CVE database describes CVE-2011-3256 as : FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted fon...

9.3CVSS6AI score0.06646EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : kernel (ALAS-2012-133)

An integer overflow flaw was found in the i915gemdoexecbuffer function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. CVE-2012-2384 , Moderate A memory leak flaw was found in the w...

7.1CVSS6.7AI score0.0285EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.47 views

Amazon Linux AMI : gnutls (ALAS-2012-59)

A flaw was found in the way GnuTLS decrypted malformed TLS records. This could cause a TLS/SSL client or server to crash when processing a specially crafted TLS record from a remote TLS/SSL connection peer. CVE-2012-1573 A boundary error was found in the gnutlssessiongetdata function. A malicious...

5CVSS8AI score0.04202EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.50 views

Amazon Linux AMI : mysql55 (ALAS-2012-144)

A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 C Tenable...

6.5CVSS7.8AI score0.24564EPSS
Exploits2References2
Rows per page
Query Builder