Lucene search
K

144 matches found

NVD
NVD
added 2020/01/14 6:15 p.m.29 views

CVE-2015-3151

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the 1 NewProblem, 2 GetInfo, 3 SetElement, or 4 DeleteElement method...

7.8CVSS7.3AI score0.0056EPSS
Exploits0References6
Prion
Prion
added 2020/01/14 6:15 p.m.26 views

Design/Logic Flaw

The default event handling scripts in Automatic Bug Reporting Tool ABRT allow local users to gain privileges as demonstrated by a symlink attack on a varlogmessages file...

7.2CVSS6.8AI score0.00414EPSS
Exploits0References4
CVE
CVE
added 2020/01/14 6:0 p.m.76 views

CVE-2015-3159

CVE-2015-3159 affects ABRT (Automatic Bug Reporting Tool) specifically the abrt-action-install-debuginfo-to-abrt-cache component. The root cause is improper handling of the process environment before invoking abrt-action-install-debuginfo, enabling local privilege elevation. Vulnerable platforms ...

7.8CVSS5.7AI score0.00392EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/01/14 5:47 p.m.71 views

CVE-2015-3151

Technical details (affected product, root cause, impact, or fix) for CVE-2015-3151 are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS7.2AI score0.0056EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2020/01/14 5:34 p.m.31 views

CVE-2015-3150

abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...

7AI score0.00398EPSS
Exploits0References5
CVE
CVE
added 2020/01/14 5:31 p.m.87 views

CVE-2015-3147

The CVE-2015-3147 issue affects ABRT’s daemon, specifically daemon/abrt-handle-upload.in, where moving reports from /var/spool/abrt-upload can be manipulated via a symbolic link to write to arbitrary files (or cause other impacts) on the system. The vulnerability arises from a symlink attack agai...

6.5CVSS6AI score0.01075EPSS
Exploits0References5Affected Software7
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2019/11/18 12:0 a.m.29 views

Stable Channel Update for Desktop

The stable channel has been updated to 78.0.3904.108 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

8.8CVSS8.9AI score0.0149EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.225 views

Fedora 31 : python38 (2019-d11594bf0a)

This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...

7.5CVSS7.1AI score0.05366EPSS
Exploits0References13
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2019/09/18 12:0 a.m.30 views

Stable Channel Update for Desktop

The Stable channel has been updated to 77.0.3865.90 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. A list of all changes is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are...

8.8CVSS8.8AI score0.00914EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/09/11 12:0 a.m.50 views

Fedora 29 : python38 (2019-d58eb75449)

This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...

7.5CVSS7.1AI score0.05366EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2019/09/11 12:0 a.m.50 views

Fedora 30 : python38 (2019-4954d8773c)

This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...

7.5CVSS7.1AI score0.05366EPSS
Exploits0References13
Kitploit
Kitploit
added 2019/08/03 9:31 p.m.82 views

MemGuard - Secure Software Enclave For Storage Of Sensitive Information In Memory

Secure software enclave for storage of sensitive information in memory. This package attempts to reduce the likelihood of sensitive data being exposed. It supports all major operating systems and is written in pure Go. Features Sensitive data is encrypted and authenticated in memory using xSalsa2...

7.2AI score
Exploits0References6
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2019/06/13 12:0 a.m.28 views

Stable Channel Update for Desktop

The stable channel has been updated to 75.0.3770.90 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...

6.5CVSS7.6AI score0.00744EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2019/05/02 4:52 a.m.18 views

Privilege Escalation

ABRT Automatic Bug Reporting Tool is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in...

6.9CVSS5.6AI score0.00446EPSS
Exploits2References7Affected Software2
Kitploit
Kitploit
added 2018/11/30 8:15 p.m.93 views

XSSFuzzer - A Tool Which Generates XSS Payloads Based On User-Defined Vectors And Fuzzing Lists

XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an...

6.8AI score
Exploits0References1
myhack58
myhack58
added 2018/11/20 12:0 a.m.434 views

HackerOne two-factor authentication and reporting those to the blacklist bypass vulnerability($10,000)-bug warning-the black bar safety net

Hello everyone, today I want to share with you is a HackerOne-related vulnerabilities, using the vulnerability, I can bypass the HackerOne vulnerability presented when two-factor authentication mechanisms 2FA and the bounty project, A Bug Bounty Program for reporting those to the blacklist...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/21 12:0 a.m.19 views

Debian DLA-1511-1 : reportbug update

Reportbug, a tool designed to make the reporting of bugs in Debian easier, was further enhanced to automatically detect bug reports for potential regressions caused by a security update. After user confirmation an additional email with a copy of the report will be sent to the debian-lts mailing...

5.4AI score
Exploits0References2
Kitploit
Kitploit
added 2018/09/01 9:15 p.m.100 views

Getsploit v0.2.2 - Command Line Utility For Searching And Downloading Exploits

Command line search and download tool for Vulners Database inspired by searchsploit. It allows you to search online for the exploits across all the most popular collections: Exploit-DB , Metasploit , Packetstorm and others. The most powerful feature is immediate exploit source download right in...

7.7AI score
Exploits0References2
GoogleProjectZero
GoogleProjectZero
added 2018/08/02 12:0 a.m.29 views

Adventures in vulnerability reporting

Posted by Natalie Silvanovich, Project Zero At Project Zero, we spend a lot of time reporting security bugs to vendors. Most of the time, this is a fairly straightforward process, but we occasionally encounter challenges getting information about vulnerabilities into the hands of vendors. Since i...

10CVSS7.2AI score0.08747EPSS
Exploits2
CNVD
CNVD
added 2018/05/03 12:0 a.m.5 views

Red Hat Automatic Bug Reporting Tool Information Disclosure Vulnerability

Red Hat Automatic Bug Reporting Tool ABRT is a set of automated bug detection and reporting tools from Red Hat Red Hat. A security vulnerability exists in Red Hat ABRT versions prior to 2.1.6. A local attacker can exploit this vulnerability to obtain sensitive information from arbitrary files...

3.3CVSS6.4AI score0.00308EPSS
Exploits0References1
Rows per page
Query Builder