Lucene search
K

956 matches found

OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.31 views

Oracle: Security Advisory (ELSA-2015-1439)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.5AI score0.04198EPSS
Exploits0References2
Cisco Threats
Cisco Threats
added 2015/08/25 7:45 p.m.15 views

Threat Outbreak Alert RuleID17564: Email Messages Distributing Malicious Software on August 25, 2015

Medium Alert ID: 40661 First Published: 2015 August 25 19:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17564 may contain the following files: Name |...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.60 views

[USN-2705-1] Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-2705-1 August 06, 2015 python-keystoneclient, python-keystonemiddleware vulnerabilities ========================================================================== A security issue affects these...

4.3CVSS1.3AI score0.02586EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/08/06 4:10 a.m.52 views

USN-2705-1: Keystone vulnerabilities

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. CVE-2014-7144 Brant Knudson...

4.3CVSS5.3AI score0.02586EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/08/06 12:0 a.m.31 views

Ubuntu 14.04 LTS : Keystone vulnerabilities (USN-2705-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2705-1 advisory. Qin Zhao discovered Keystone disabled certification verification when the insecure option is set in a paste configuration paste.ini file regardless of th...

4.3CVSS5.6AI score0.02586EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/08/06 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-2705-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.5AI score0.02586EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2015/07/28 12:0 a.m.45 views

wpa_supplicant security and enhancement update

1:0.7.3-6 - AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 rh 1226396 1:0.7.3-5 - Add domainmatch config option from upstream rh 1186806 rh 1178263 - Include peer certificate in EAP events for use by clients - Add dbus signal for information about server certification -...

4.3CVSS2.8AI score0.04198EPSS
Exploits0
Prion
Prion
added 2015/07/09 7:17 p.m.20 views

Code injection

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

6.4CVSS6.8AI score0.61798EPSS
Exploits6References31Affected Software4
NVD
NVD
added 2015/07/09 7:17 p.m.23 views

CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

6.5CVSS6.1AI score0.61798EPSS
Exploits6References31
OSV
OSV
added 2015/07/09 7:17 p.m.6 views

CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

6.5CVSS6.4AI score0.61798EPSS
Exploits6References31
Cvelist
Cvelist
added 2015/07/09 7:0 p.m.23 views

CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

6.1AI score0.61798EPSS
Exploits6References31
UbuntuCve
UbuntuCve
added 2015/07/09 12:0 a.m.26 views

CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

6.5CVSS6.9AI score0.61798EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.41 views

OpenSSL 1.0.1 < 1.0.1p Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.1p. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1p advisory. - ssl/s3clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client,...

6.5CVSS6.7AI score0.61798EPSS
Exploits6References6
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.19 views

CentOS Update for firefox CESA-2015:1207 centos5

Check the version of firefox SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882217";...

10CVSS5.4AI score0.0555EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2015/06/30 10:33 a.m.14 views

Cyber UL Could Become Reality Under Leadership of Hacker Mudge

UPDATE–One of the longstanding problems in security–and the software industry in general–is the lack of any universally acknowledged authority on quality and reliability. But the industry moved one step closer to making such a clearinghouse a reality this week when Peiter Zatko, a longtime...

7.2AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.36 views

CentOS 7 : libreswan (CESA-2015:1154)

Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

5CVSS5.7AI score0.02595EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/06/24 12:0 a.m.35 views

RHEL 7 : libreswan (RHSA-2015:1154)

Updated libreswan packages that fix one security issue, several bugs and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

5CVSS5.7AI score0.02595EPSS
Exploits0References4
myhack58
myhack58
added 2015/06/01 12:0 a.m.17 views

B2Bbuilder the latest version of the sql injection second-vulnerability warning-the black bar safety net

看 到 module\company\admin\businessinfolist.php PHP | 1 2 3 4 5 6 7 8 9 1 0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 1 9 2 0 2 1 | ? php $status=array'-1'=langshow'notpass','0'=langshow'wpass','1'=langshow'auditpass'; ifisset$GET'step' if$GET'step'=="del" $db-query"delete from ". CERTIFICATION." where...

1.9AI score
Exploits0
NVD
NVD
added 2015/04/17 5:59 p.m.19 views

CVE-2015-1852

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...

4.3CVSS6.2AI score0.02586EPSS
Exploits0References7
OSV
OSV
added 2015/04/17 5:59 p.m.5 views

CVE-2015-1852

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...

6AI score
Exploits0References7
Rows per page
Query Builder