Lucene search
K

2575 matches found

RedhatCVE
RedhatCVE
added 2016/06/06 2:49 p.m.48 views

CVE-2016-5242

The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...

5.6CVSS3.3AI score0.00342EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/05/05 12:0 a.m.7 views

The vulnerability of the Junos operating system, which allows a hacker to increase their privileges

The vulnerability of the Junos operating system exists due to insufficient checks on the status of resources when they can be used concurrently. Exploiting this vulnerability allows a malicious actor to enhance their privileges using the URL parameter...

6.5CVSS7.6AI score0.01731EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/05 12:0 a.m.47 views

Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)

Security Fixes : - It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a...

7.2CVSS7.2AI score0.30146EPSS
Exploits6References25
CNVD
CNVD
added 2016/03/10 12:0 a.m.3 views

ISC DHCP Denial of Service Vulnerability (CNVD-2016-01603)

ISC DHCP is the United States ISC Internet Systems Consortium company's set of open source Dynamic Host Configuration Protocol server software. A security vulnerability exists in ISC DHCP that stems from the program's failure to limit the number of concurrent TCP sessions. A remote attacker could...

7.1CVSS6.4AI score0.73622EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/03/02 12:0 a.m.6 views

The vulnerability of Lexmark’s microprogramming software allows a hacker to bypass the authentication process.

The vulnerability of Lexmark’s microprogramming software exists due to insufficient checking of resource status when resources can be used concurrently. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures by using incorrect detection of resource status...

10CVSS7.8AI score0.03259EPSS
Exploits0References2
CNVD
CNVD
added 2016/02/11 12:0 a.m.3 views

Linux kernel contention condition denial of service vulnerability (CNVD-2016-01040)

The Linux kernel is an open source, free operating system kernel originally done by Linus Torvalds. A contention condition vulnerability exists in the 'ttyioctl' function in the drivers/tty/ttyio.c file in Linux kernel 4.4.1 and earlier versions. A local attacker can exploit this vulnerability to...

6.8CVSS6.7AI score0.00382EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/01/18 12:0 a.m.7 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the Google Chrome browser exists due to insufficient checking of the status of resources when they can be used concurrently. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially other unspecified effects due to the use of an...

9.3CVSS7.7AI score0.01706EPSS
Exploits0References4Affected Software1
Fedora
Fedora
added 2015/12/22 10:9 p.m.27 views

[SECURITY] Fedora 23 Update: subversion-1.9.3-1.fc23

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...

9CVSS2.5AI score0.57037EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.38 views

Oracle: Security Advisory (ELSA-2009-1243)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.14749EPSS
Exploits40References2
CNVD
CNVD
added 2015/08/01 12:0 a.m.5 views

FreeBSD TCP Reorganization Memory Consumption Vulnerability

FreeBSD is a BSD-based operating system. FreeBSD has a security vulnerability that allows remote attackers to establish multiple concurrent TCP connections through multiple VNETs, which can consume a large amount of the target system's available mbufs resources, rendering the network communicatio...

7.5CVSS7AI score0.03324EPSS
Exploits0References1
Fedora
Fedora
added 2015/07/29 1:54 a.m.27 views

[SECURITY] Fedora 21 Update: subversion-1.8.13-7.fc21

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...

7.8CVSS2.5AI score0.12841EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.22 views

Mandriva Linux Security Advisory : postgresql (MDVSA-2015:110)

Updated postgresql packages fix multiple security vulnerabilities : Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a...

9.8CVSS7.3AI score0.06666EPSS
Exploits6References15
OpenVAS
OpenVAS
added 2015/02/11 12:0 a.m.31 views

CentOS Update for mod_dav_svn CESA-2015:0166 centos7

Check the version of moddavsvn SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882116";...

5CVSS8.4AI score0.1067EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/12/16 12:0 a.m.36 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)

This openjdk update fixes the following security and non security issues : - Upgrade to 2.4.8 bnc887530 - Changed back from gzipped tarball to xz - Changed the keyring file to add Andrew John Hughes that signed the icedtea package - Change ZERO to AARCH64 tarball - Removed patches : -...

10CVSS7.8AI score0.10117EPSS
Exploits2References43
UbuntuCve
UbuntuCve
added 2014/08/26 12:0 a.m.23 views

CVE-2014-3174

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service read of...

5CVSS7.2AI score0.01585EPSS
Exploits0References5
CVE
CVE
added 2014/08/11 8:0 p.m.60 views

CVE-2014-3332

Cisco Unified Communications Manager (CM) 8.6(.2) and earlier contains an incorrect CLI restrictions setting that may allow an authenticated, remote attacker to establish undetected concurrent logins. The issue stems from improper sanitization of authenticated users, per Cisco’s advisory for CVE-...

4CVSS6.5AI score0.0164EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/08/11 8:0 p.m.22 views

CVE-2014-3332

Cisco Unified Communications Manager CM 8.6.2 and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029...

6.3AI score0.0164EPSS
Exploits0References5
Fedora
Fedora
added 2014/07/26 12:11 a.m.29 views

[SECURITY] Fedora 20 Update: speech-dispatcher-0.8-9.fc20

Common interface to different TTS engines Handling concurrent synthesis requests =E2=80=93 requests may come asynchronously from multiple sources within an application and/or from more different applications. Subsequent serialization, resolution of conflicts and priorities of incoming requests...

2.9CVSS0.6AI score0.01457EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/07/18 12:0 a.m.32 views

Oracle E-Business (July 2014 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2014 Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - Oracle Applications Technology Stack - Oracle Concurrent Processing - Oracle Applications Manager - Oracl...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References6
Hacker One
Hacker One
added 2014/07/15 4:3 p.m.22 views

HackerOne: No option to logout concurrent sessions

Description When I login to Hackerone using two different computers I can easily browse the session concurrently . This means that if an attacker somehow knows password of user by any means he can login using that info and the main user will not get notified. FIX If someone else login to a accoun...

2AI score
Exploits0
Rows per page
Query Builder