Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 6 : vte (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vte: DoS long loop via escape sequences with large repeat counts CVE-2012-2738 - The...

4CVSS7.3AI score0.11151EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.45 views

Oracle Linux 9 : buildah (ELSA-2023-6473)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6473 advisory. - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539...

9.8CVSS7.1AI score0.04561EPSS
Exploits1References12
Veracode
Veracode
added 2019/10/03 9:21 a.m.12 views

Regular Expression Denial Of Service (ReDoS)

mimer is vulnerable to regular expression denial of service ReDoS. The function extGetter uses an incorrect regular expression to split file path input from the user, causing an application crash via intensive CPU and memory consumption when parsing malicious file path...

5AI score
Exploits0
Veracode
Veracode
added 2019/05/02 5:19 a.m.28 views

Authentication Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws t...

10CVSS7.6AI score0.09991EPSS
Exploits0References37Affected Software5
CVE
CVE
added 2017/08/31 3:0 p.m.113 views

CVE-2017-14059

FFmpeg 3.3.3 is affected by CVE-2017-14059, a denial-of-service in cine_read_header() caused by missing EOF checks during CINE header parsing. A crafted CINE file with a large duration field but insufficient backing data can trigger an image-offset parsing loop that consumes excessive CPU and mem...

7.1CVSS7AI score0.01782EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2017/08/30 9:29 a.m.31 views

CVE-2017-13776

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it...

7.1CVSS6.8AI score0.0237EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2016/07/28 12:0 a.m.59 views

RHEL 5 / 6 / 7 : java-1.7.0-openjdk (RHSA-2016:1504)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...

9.6CVSS6.7AI score0.0669EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.52 views

Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2015-1920)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1920 advisory. 1:1.7.0.91-2.6.2.2.0.1 - Update DISTRONAME in specfile 1:1.7.0.91-2.6.2.2 - added and applied patch500 8072932or8074489.patch to fix tck failure -...

10CVSS6.7AI score0.09991EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.233 views

CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:1919)

Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10CVSS6.4AI score0.09991EPSS
Exploits0References20
RubySec
RubySec
added 2014/11/13 12:0 a.m.40 views

CVE-2014-8090 ruby: REXML incomplete fix for CVE-2014-8080

The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service CPU and memory consumption a crafted XML document containing an empty string in an entity that is used in a large number of...

5CVSS5.8AI score0.056EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.26 views

Amazon Linux AMI : libxml2 (ALAS-2013-188)

libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many references to this entity, aka 'internal entity expansion' with linear complexity. C Tenable...

4.3CVSS7.2AI score0.02856EPSS
Exploits0References2
NVD
NVD
added 2013/08/19 11:55 p.m.23 views

CVE-2013-2160

The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service CPU and memory consumption via crafted XML with a large number of 1 elements, 2 attributes, 3 nested constructs, and possibly other vectors...

5CVSS6.5AI score0.32259EPSS
Exploits6References12
RedHat Linux
RedHat Linux
added 2011/09/15 5:50 p.m.43 views

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common package that fixes one security issue is now available for JBoss Enterprise Web Platform 5.1.1 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...

5CVSS5.8AI score0.02664EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/09/15 5:47 p.m.38 views

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.1 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring...

5CVSS5.8AI score0.02664EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2011/03/31 10:0 p.m.25 views

CVE-2011-1174

manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x before 1.8.3.2 allows remote attackers to cause a denial of service CPU and memory consumption via a series of manager sessions involving invalid data...

5CVSS6.3AI score0.02724EPSS
Exploits0
Cvelist
Cvelist
added 2011/03/02 7:0 p.m.51 views

CVE-2010-4756

The glob implementation in the GNU C Library aka glibc or libc6 allows remote authenticated users to cause a denial of service CPU and memory consumption via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a differen...

5.7AI score0.02633EPSS
Exploits2References5
CVE
CVE
added 2011/03/02 7:0 p.m.1766 views

CVE-2010-4755

CVE-2010-4755 : OpenSSH 5.8 and earlier is affected. The vulnerability resides in the remote_glob function (sftp-glob.c) and the process_put function (sftp.c), used by OpenSSH’s SFTP daemon. Remote authenticated users can trigger CPU and memory exhaustion by sending crafted glob expressions that ...

4CVSS5AI score0.07792EPSS
Exploits2References7Affected Software4
Cvelist
Cvelist
added 2011/01/19 3:0 p.m.35 views

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the...

5.5AI score0.32357EPSS
Exploits10References11
Debian
Debian
added 2008/02/06 7:14 p.m.32 views

[SECURITY] [DSA 1483-1] New net-snmp packages fix denial of service vulnerability

------------------------------------------------------------------------ Debian Security Advisory DSA-1483-1 [email protected] http://www.debian.org/security/ Noah Meyerhans February 06, 2008 http://www.debian.org/security/faq -...

7.8CVSS6AI score0.26183EPSS
Exploits1
NVD
NVD
added 2006/03/26 10:2 p.m.15 views

CVE-2006-1387

TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service infinite recursion leading to CPU and memory consumption via INCLUDE by URL statements that form a loop, such as a page that includes itself...

4CVSS6.3AI score0.01296EPSS
Exploits0References5
Rows per page
Query Builder