Lucene search
K

227 matches found

Kaspersky
Kaspersky
added 2019/07/09 12:0 a.m.82 views

KLA11515 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete...

9.8CVSS10AI score0.20271EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2019/06/25 12:0 a.m.36 views

openSUSE Security Update : openssh (openSUSE-2019-1602)

This update for openssh fixes the following issues : Security vulnerabilities addressed : - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...

6.8CVSS7.1AI score0.58204EPSS
Exploits9References8
OPENSUSE Linux
OPENSUSE Linux
added 2019/06/24 12:0 a.m.216 views

Security update for openssh (moderate)

openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2019:1602-1 Rating: moderate References: 1065237 1090671 1119183 1121816 1121821 1131709 Cross-References: CVE-2019-6109 CVE-2019-6111 Affected Products: openSUSE Leap 42.3 An update that solves two vulnerabilities...

6.8CVSS7AI score0.58204EPSS
Exploits9References6
Tenable Nessus
Tenable Nessus
added 2019/06/18 12:0 a.m.40 views

SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2019:1524-1)

This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...

6.8CVSS7.1AI score0.58204EPSS
Exploits9References11
OSV
OSV
added 2019/06/17 3:30 p.m.17 views

SUSE-SU-2019:1524-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...

6.8CVSS6.7AI score0.58204EPSS
Exploits9References9
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.109 views

Amazon Linux 2 : openssh (ALAS-2019-1216)

An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented. A...

6.8CVSS7.2AI score0.58204EPSS
Exploits9References4
OSV
OSV
added 2019/05/12 9:35 a.m.14 views

MGASA-2019-0156 Updated openssh packages fix security vulnerabilities

Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred CVE-2019-6109. Due to scp client insufficient...

6.8CVSS6.5AI score0.58204EPSS
Exploits9References3
Mageia
Mageia
added 2019/05/12 9:35 a.m.77 views

Updated openssh packages fix security vulnerabilities

Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred CVE-2019-6109. Due to scp client insufficient...

6.8CVSS0.7AI score0.58204EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2019/05/06 12:0 a.m.55 views

EulerOS 2.0 SP5 : openssh (EulerOS-SA-2019-1324)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle...

6.8CVSS7.2AI score0.58204EPSS
Exploits9References3
Veracode
Veracode
added 2019/05/02 5:0 a.m.22 views

Same-Origin Policy Bypass

Mozilla Firefox is vulnerable to same-origin policy bypass. Using a flaw found in the way Firefox rendered web content with missing character encoding information, it bypasses same-origin inheritance and perform cross-site scripting XSS attacks...

4.3CVSS8.4AI score0.03402EPSS
Exploits1References20Affected Software2
Veracode
Veracode
added 2019/05/02 4:41 a.m.29 views

Cross Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

8.8CVSS9.2AI score0.11079EPSS
Exploits10References29Affected Software3
Veracode
Veracode
added 2019/05/02 4:41 a.m.41 views

Remote Code Execution (RCE)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

8.8CVSS9.3AI score0.11079EPSS
Exploits10References30Affected Software3
Veracode
Veracode
added 2019/05/02 4:41 a.m.26 views

Cross Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

8.8CVSS9.2AI score0.11079EPSS
Exploits10References33Affected Software3
Tenable Nessus
Tenable Nessus
added 2019/04/26 12:0 a.m.49 views

SUSE SLES11 Security Update : openssh (SUSE-SU-2019:14030-1)

This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...

6.8CVSS7.1AI score0.58204EPSS
Exploits9References11
OSV
OSV
added 2019/04/25 8:34 a.m.13 views

SUSE-SU-2019:14030-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...

6.8CVSS6.7AI score0.58204EPSS
Exploits9References9
Tenable Nessus
Tenable Nessus
added 2019/04/15 12:0 a.m.72 views

SUSE SLES12 Security Update : openssh (SUSE-SU-2019:0941-1)

This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...

6.8CVSS7.1AI score0.58204EPSS
Exploits9References10
OSV
OSV
added 2019/04/11 2:6 p.m.15 views

SUSE-SU-2019:14016-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...

6.8CVSS6.7AI score0.58204EPSS
Exploits9References9
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.63 views

Debian DLA-1728-1 : openssh security update

Multiple scp client vulnerabilities have been discovered in OpenSSH, the premier connectivity tool for secure remote shell login and secure file transfer. CVE-2018-20685 In scp.c, the scp client allowed remote SSH servers to bypass intended access restrictions via the filename of . or an empty...

6.8CVSS7.3AI score0.58204EPSS
Exploits9References5
OSV
OSV
added 2019/03/23 11:9 a.m.11 views

OPENSUSE-SU-2019:0307-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...

6.8CVSS6.8AI score0.58204EPSS
Exploits9References6
Tenable Nessus
Tenable Nessus
added 2019/03/11 12:0 a.m.60 views

openSUSE Security Update : openssh (openSUSE-2019-307)

This update for openssh fixes the following issues : Security vulnerabilities addressed : - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...

6.8CVSS7.1AI score0.58204EPSS
Exploits9References5
Rows per page
Query Builder