Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-7070

Malware in sbrugna...

4.7CVSS6.3AI score0.00267EPSS
Exploits0References19
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.87 views

K90803619: Linux kernel vulnerability CVE-2016-6136

Security Advisory Description Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerabilit...

4.7CVSS5.7AI score0.00267EPSS
Exploits0Affected Software23
OSV
OSV
added 2018/05/21 9:29 p.m.16 views

CVE-2018-11330

An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted...

4.8CVSS5AI score0.00653EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/15 12:0 a.m.60 views

F5 Networks BIG-IP : Linux kernel vulnerability (K90803619)

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a 'double fetch' vulnerability. CVE-2016-6136 Impact Locall...

4.7CVSS6.2AI score0.00267EPSS
Exploits0References2
NVD
NVD
added 2016/08/06 8:59 p.m.30 views

CVE-2016-6136

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...

4.7CVSS4.7AI score0.00267EPSS
Exploits0References11
OSV
OSV
added 2016/08/06 8:59 p.m.10 views

CVE-2016-6136

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...

4.7CVSS6.7AI score
Exploits0References11
CVE
CVE
added 2016/08/06 8:0 p.m.168 views

CVE-2016-6136

CVE-2016-6136 is a Linux kernel race condition in audit_log_single_execve_arg (auditsc.c) that can allow a local user to bypass character-set restrictions or disrupt system-call auditing via a double-fetch flaw. Connected advisories confirm multiple vendors map this CVE to Linux kernel fixes; rem...

4.7CVSS5.3AI score0.00267EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2016/08/06 8:0 p.m.37 views

CVE-2016-6136

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...

4.7CVSS6.2AI score0.00267EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/08/06 12:0 a.m.49 views

CVE-2016-6136

Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...

4.7CVSS6.7AI score0.00267EPSS
Exploits0References12
Prion
Prion
added 2014/02/15 2:57 p.m.27 views

Cross site request forgery (csrf)

Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed...

6.8CVSS6.7AI score0.01859EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/02/15 2:57 p.m.26 views

Cross site request forgery (csrf)

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed...

6.8CVSS7AI score0.01636EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2014/02/15 2:57 p.m.23 views

CVE-2013-6166

Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed...

6.8CVSS5.9AI score0.01859EPSS
Exploits0References5
CVE
CVE
added 2014/02/15 11:0 a.m.58 views

CVE-2013-6167

The CVE-2013-6167 issue affects Mozilla Firefox before version 28 (reported as Firefox through 27) where HTTP Cookie headers are sent without validating required character-set restrictions. The root cause is improper handling/validation of cookie character sets, enabling attackers to craft a para...

6.8CVSS6.7AI score0.01636EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/02/15 11:0 a.m.54 views

CVE-2013-6167

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed...

6.4AI score0.01636EPSS
Exploits0References5
Rows per page
Query Builder