Lucene search
K

7041 matches found

Fedora
Fedora
added 2015/08/07 1:5 p.m.23 views

[SECURITY] Fedora 22 Update: opensaml-java-2.5.3-9.fc22

OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...

5.9CVSS2.4AI score0.00844EPSS
Exploits1
Fedora
Fedora
added 2015/08/07 1:4 p.m.23 views

[SECURITY] Fedora 21 Update: opensaml-java-2.5.3-9.fc21

OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language SAML. OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0...

5.9CVSS2.4AI score0.00844EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.50 views

Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References2
Metasploit
Metasploit
added 2015/08/01 11:1 a.m.258 views

BIND TKEY Query Denial of Service

This module sends a malformed TKEY query, which exploits an error in handling TKEY queries on affected BIND9 'named' DNS servers. As a result, a vulnerable named server will exit with a REQUIRE assertion failure. This condition can be exploited in versions of BIND between BIND 9.1.0 through 9.8.x...

7.8CVSS7.7AI score0.91284EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.27 views

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References2
RedHat Linux
RedHat Linux
added 2015/07/29 12:32 a.m.3 views

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References6
ArchLinux
ArchLinux
added 2015/07/29 12:0 a.m.57 views

bind: denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet leading to denia...

7.8CVSS2.4AI score0.91284EPSS
Exploits12References2
RedHat Linux
RedHat Linux
added 2015/07/28 10:59 p.m.3 views

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References6
RedHat Linux
RedHat Linux
added 2015/07/28 10:53 p.m.2 views

bind: TKEY query handling flaw leading to denial of service

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References6
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.44 views

Amazon Linux AMI : bind (ALAS-2015-566)

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. C Tenable Network Security, In...

7.8CVSS7.2AI score0.37872EPSS
Exploits0References2
Amazon
Amazon
added 2015/07/22 12:0 a.m.47 views

Important: bind

Issue Overview: A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. Affected...

7.8CVSS7.7AI score0.37872EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/21 12:0 a.m.25 views

Scientific Linux Security Update : bind on SL7.x x86_64 (20150720)

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. CVE-2015-4620 After installing...

7.8CVSS7.2AI score0.37872EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2015/05/18 12:0 a.m.4 views

Apache Qpid Session.gap Denial of Service - Ver2 (CVE-2015-0203)

A denial of service vulnerability exists in Apache Qpid. The vulnerability is due to an assertion failure prior to session establishment when processing the session.gap control segment. A remote, authenticated attacker could exploit this vulnerability by sending an out of sequence session.gap...

4CVSS4.7AI score0.08682EPSS
Exploits0
ArchLinux
ArchLinux
added 2015/05/08 12:0 a.m.42 views

mariadb-clients: denial of service

A heap-based buffer overflow was found in the way PCRE handled certain malformed regular expressions. This issue could cause a crash while parsing malicious regular expressions related to an assertion that allows zero repeats...

5CVSS3.7AI score0.06505EPSS
Exploits0References2
Mageia
Mageia
added 2015/05/03 12:19 a.m.40 views

Updated subversion packages fix security vulnerabilities

Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely triggerable assertion D...

7.8CVSS6.8AI score0.12841EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.23 views

Mandriva Linux Security Advisory : tor (MDVSA-2015:205)

Updated tor packages fix security vulnerabilities : disgleirio discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible CVE-2015-2928. DonnchaC discovered that Tor clients would crash with an...

7.5CVSS7.3AI score0.01384EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/04/27 12:0 a.m.25 views

Debian DLA-207-1 : subversion security update

Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...

5CVSS7.9AI score0.51442EPSS
Exploits0References9
CNVD
CNVD
added 2015/04/26 12:0 a.m.4 views

Red Hat PicketLink SAML Assertion AudienceRestriction Security Bypass Vulnerability

Red Hat PicketLink a unified identity management framework for Java applications. A security bypass vulnerability exists in Red Hat PicketLink that could be exploited by an attacker to bypass security restrictions and perform unauthorized access...

6CVSS6.8AI score0.0196EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.31 views

Debian DSA-3231-1 : subversion - security update

Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...

5CVSS8.1AI score0.12841EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/04/21 12:0 a.m.36 views

Debian Security Advisory DSA 3231-1 (subversion - security update)

Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0248 Subversion moddavsvn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain...

5CVSS0.5AI score0.12841EPSS
Exploits0References1
Rows per page
Query Builder