1345 matches found
Fedora 12 : pcsc-lite-1.5.2-5.fc12 (2010-10764)
This update fixes up incorrect checks which were introduced with CVE-2010-0407 patch, introducing a regression for certain token types. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...
Debian DSA-2069-1 : znc - denial of service
It was discovered that ZNC, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection. (C) Tenable Network Security, Inc. The descriptive text and package checks in...
Panda AntiVirus Zoo Denial of Service Vulnerability
Panda Software Antivirus/Internet Security before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. OpenVAS Vulnerability Test Panda AntiVirus Zoo Denial of Service Vulnerability LSS-NVT-2010-038...
Fedora 11 : mysql-5.1.46-1.fc11 (2010-7355)
Update to MySQL 5.1.46, for various fixes described at http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora 12 : squid-3.1.0.16-6.fc12 (2010-3064)
Denial of service issue in HTCP processing SQUID-2010:2 http://www.squid-cache.org/Advisories/SQUID-20102.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora 11 : nss-3.12.6-1.2.fc11 (2010-3905)
Update to NSS 3.12.6. The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Fedora 11 : java-1.6.0-openjdk-1.6.0.0-34.b17.fc11 (2010-6039)
Add latest security patches. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. ...
Fedora 13 : zikula-1.2.3-1.fc13 (2010-8501)
Upstream pushed this release to fix two security issues, one XSS and one CSRF. Upstream also removed a non-free JavaScript library that we previously had to strip. http://community.zikula.org/module-News-display-sid-3012.htm Note that Tenable Network Security has extracted the preceding descriptio...
Fedora 12 : wireshark-1.2.6-1.fc12 (2010-3556)
Upgrade to upstream version 1.2.6, fixing a security flaw: http://www.wireshark.org/security/wnpa-sec-2010-02.html For full release notes, see: http://www.wireshark.org/docs/relnotes/wireshark-1.2.6.html Note that Tenable Network Security has extracted the preceding description block directly fro...
Kryn CMS 0.6 Cross Site Request Forgery / Cross Site Scripting
Found By: TurboBorland Email Address: [email protected] Software: Kryn =0.6 Date Found: 06/21/2010 Date Submitted: 06/29/2010 Ethical Disclosure: Vendor submitted - Replied with fix: "We've fix this issues and already uploaded the new versions for kryn-core and usermanagement." - Submission to...
Novell iManager Multiple Vulnerabilities
Novell iManager Multiple Vulnerabilities 1. Advisory Information Title: Novell iManager Multiple Vulnerabilities Advisory Id: CORE-2010-0316 Advisory URL: http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities Date published: 2010-06-23 Date of last update:...
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 : samba (SSA:2010-169-01)
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and 13.0 to fix a security issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-169-01. The...
Symantec Workspace Streaming Potential Unauthorized Downloads
SUMMARY Symantec's Workspace Streaming client fails to properly authenticate with the Symantec Workspace Streaming server when downloading files. This could potentially lead to unauthorized download of arbitrary code to a client system. AFFECTED PRODUCTS Products Affected Product | Version | Build...
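Microsoft Windows Help and Support Center Whitelist Restriction Bypass Vulnerability
BUGTRAQ ID: 40725, 40721 CVE ID: CVE-2010-1885 Windows is a very popular operating system released by Microsoft. Windows provides the Help and Support Center by default for accessing online documentation, and help documents can be accessed directly through URLs of the form hcp://. When an hcp:// URL is invoked through the registered protocol handler, the command-line argument /fromhcp is passed to the Help Center application; this flag switches the Help Center into a restricted mode that allows only whitelisted help documents and parameters. However, this whitelist implementation is not secure and can be bypassed. Before validation is performed, the URL is first normalized and unescaped using the MPC::HTML::UrlUnescapeW function, which uses MPC::HexToNum to...
Office Excel Malformed Chart Substream Parsing Remote Code Execution Vulnerability (MS10-038)
BUGTRAQ ID: 40521 CVE ID: CVE-2010-0823 Excel is the spreadsheet tool in the Microsoft Office suite. Excel has a memory corruption vulnerability when parsing malformed chart substreams in a spreadsheet; a user who is tricked into opening a malformed Excel document can trigger arbitrary code execution. Microsoft Excel Viewer SP2 Microsoft Excel Viewer SP1 Microsoft Excel 2007 SP2 Microsoft Excel 2007 SP1 Microsoft Excel 2003 SP3 Microsoft Excel 2003 SP2 Microsoft Excel 20...
Windows Media Decompression Multiple Remote Code Execution Vulnerabilities (MS10-033)
BUGTRAQ ID: 40464, 40432 CVE ID: CVE-2010-1879, CVE-2010-1880 Windows is a very popular operating system released by Microsoft. Several multimedia processing components in Windows do not correctly parse the compressed data in media files when handling them; if a user opens a specially crafted media file, remote code execution may be possible. If the user is logged on with administrative privileges, an attacker who successfully exploits this vulnerability can take complete control of the affected system. Microsoft DirectX 9.0 Microsoft Media Format Runtime 9.5 x64 Microsoft Media Format Runtime 9.5 Microsoft...
Office Excel OBJ Record Parsing Stack Overflow Vulnerability (MS10-038)
BUGTRAQ ID: 40520 CVE ID: CVE-2010-0822 Excel is the spreadsheet tool in the Microsoft Office suite. Excel has a stack overflow vulnerability when parsing malformed OBJ (recType 0x5D) records in a spreadsheet; a user who is tricked into opening a malformed Excel document can trigger arbitrary code execution. Microsoft Excel 2002 SP3 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Workaround: Do not open Excel files received from untrusted sources or received unexpectedly from trusted sources. Vendor patch: Microsoft ---------...
Windows Win32k.sys Driver Window Creation Privilege Escalation Vulnerability (MS10-032)
BUGTRAQ ID: 40569 CVE ID: CVE-2010-0485 Windows is a very popular operating system released by Microsoft. The Windows Win32k.sys kernel driver does not sufficiently validate all callback parameters when creating a new window; a local user can cause arbitrary kernel-mode code execution by running a specially crafted application. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Server 2008 SP2 Microsoft Windows...
Microsoft Windows OpenType CFF Driver Local Privilege Escalation Vulnerability (MS10-037)
BUGTRAQ ID: 40572 CVE ID: CVE-2010-0819 Windows is a very popular operating system released by Microsoft. The Windows OpenType CFF driver does not correctly validate certain data passed from user mode to kernel mode; if a user views content rendered in a specially crafted CFF font, kernel memory is overwritten with an arbitrary number of 0 bytes when the glyph outline is obtained, resulting in kernel-level privilege escalation. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability; it cannot be exploited remotely or anonymously. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft...
Microsoft Windows cdd.dll Driver Remote Denial of Service Vulnerability
BUGTRAQ ID: 40237 CVE ID: CVE-2009-3678 Windows is a very popular operating system released by Microsoft. The Canonical Display Driver (cdd.dll) used by Windows does not correctly parse information copied from user mode to kernel mode. If a user is tricked into opening a folder containing a large number of image files displayed as thumbnails and then selects and deletes about 15 to 20 of the images at once, the system crashes with a blue screen. In theory the vulnerability could also lead to arbitrary code execution, but because the addresses are randomized, the final pointer target is difficult to predict. Microsoft Windows Server 2008 R2 Microsoft Windows 7 Workaround: Disable the Windows Aero theme. Vendor patch:...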