Yaws Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Yaws Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can on...

CVE-2017-18922

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow...

CVE-2017-15085

It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6...

CVE-2012-0880

Apache Xerces-C++ allows remote attackers to cause a denial of service CPU consumption via a crafted message sent to an XML service that causes hash table collisions...

Fedora 23 : sudo-1.8.15-1.fc23 (2015-386863df8a)

sudo-1.8.15-1.fc21 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc22 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc23 - update to 1.8.15 - fixes CVE-2015-5602 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Fedora 22 : squashfs-tools-4.3-11.fc22 (2015-10750)

Security fix for CVE-2015-4645 / CVE-2015-4646 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 20 : pixman-0.30.0-4.fc20 (2014-9063)

CVE-2013-6425, added patches from https://bugzilla.redhat.com/showbug.cgi?id=1043743 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

CVE-2014-3499

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

CVE-2011-4024

Cross-site scripting XSS vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Fedora Core 11 FEDORA-2009-10861 (asterisk)

The remote host is missing an update to asterisk announced via advisory FEDORA-2009-10861. OpenVAS Vulnerability Test $Id: fcore200910861.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10861 asterisk Authors: Thomas Reinke Copyright: Copyright c 20...

Fedora Core 11 FEDORA-2009-10780 (squidGuard)

The remote host is missing an update to squidGuard announced via advisory FEDORA-2009-10780. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

Fedora Core 10 FEDORA-2009-8318 (apr-util)

The remote host is missing an update to apr-util announced via advisory FEDORA-2009-8318. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

Fedora Core 10 FEDORA-2009-5368 (coccinelle)

The remote host is missing an update to coccinelle announced via advisory FEDORA-2009-5368. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Fedora Core 10 FEDORA-2009-4919 (opensc)

The remote host is missing an update to opensc announced via advisory FEDORA-2009-4919. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 10 FEDORA-2009-3768 (maniadrive)

The remote host is missing an update to maniadrive announced via advisory FEDORA-2009-3768. OpenVAS Vulnerability Test $Id: fcore20093768.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3768 maniadrive Authors: Thomas Reinke Copyright: Copyright c...

Fedora Core 9 FEDORA-2009-5517 (libwmf)

The remote host is missing an update to libwmf announced via advisory FEDORA-2009-5517. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora 8 : ssmtp-2.61-11.6.fc8.1 (2008-8040)

Fix for CVE-2008-3962 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

Red Hat Fedora目录服务器HTTP非转义函数缓冲区溢出漏洞

BUGTRAQ ID: 31106 CVE ID：CVE-2008-2932 CNCVE ID：CNCVE-20082932 Red Hat Fedora Directory Server是一款目录服务程序。 Red Hat Fedora Directory Server adminutil不正确处理用户输入，远程攻击者可以利用漏洞进行缓冲区溢出，以应用程序权限执行任意指令。 adminutil是一款Red Hat / Fedora Directory Server附带的多个CGI脚本使用的通用函数库。 adminutil...

CVE-2008-0597

Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service crash via crafted IPP packets...