Lucene search
K

11 matches found

Debian
Debian
added 2014/09/17 12:5 p.m.37 views

[SECURITY] [DLA 56-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb6u5 CVE ID : CVE-2014-2053 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240 CVE-2014-5265 CVE-2014-5266 Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information...

7.5CVSS7.2AI score0.24385EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/08/23 12:0 a.m.34 views

Fedora Update for wordpress FEDORA-2014-9270

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9AI score0.24385EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2014/08/22 12:0 a.m.31 views

Fedora 20 : drupal7-7.31-1.fc20 (2014-9278)

Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix release. For complete details, refer to: https://www.drupal.org/drupal-7.30-release-notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS5.4AI score0.24385EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2014/08/22 12:0 a.m.43 views

Fedora Update for wordpress FEDORA-2014-9264

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.24385EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2014/08/22 12:0 a.m.34 views

Fedora Update for drupal7 FEDORA-2014-9278

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.24385EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2014/08/22 12:0 a.m.41 views

Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)

Upstream announcement: http://wordpress.org/news/2014/08/wordpress-3-9-2/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.3AI score0.24385EPSS
Exploits3References10
Prion
Prion
added 2014/08/18 11:15 a.m.29 views

Design/Logic Flaw

The Incutio XML-RPC IXR Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service CPU consumption via a large document, a different vulnerability...

5CVSS6.6AI score0.24385EPSS
Exploits3References7Affected Software3
CVE
CVE
added 2014/08/18 10:0 a.m.232 views

CVE-2014-5265

Technical details for CVE-2014-5265 are not publicly provided in the connected documents. The Initial Description mentions an XML entity expansion denial of service in IXR used by WordPress/Drupal. Monitor vendor advisories for updates.

5CVSS6.8AI score0.03089EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/08/10 12:0 a.m.39 views

Debian DSA-3001-1 : wordpress - security update

Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/. %NASLMINLEVEL 70300 C Tenable Network Security,...

7.5CVSS8.1AI score0.24385EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2014/08/10 12:0 a.m.37 views

Debian DSA-2999-1 : drupal7 - security update

A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable...

6.8CVSS5.4AI score0.24385EPSS
Exploits3References6
Drupal
Drupal
added 2014/08/06 12:0 a.m.662 views

SA-CORE-2014-004 - Drupal core - Denial of service

Drupal 6 and Drupal 7 include an XML-RPC endpoint which is publicly available xmlrpc.php. The PHP XML parser used by this XML-RPC endpoint is vulnerable to an XML entity expansion attack and other related XML payload attacks which can cause CPU and memory exhaustion and the site's database to rea...

6.8CVSS6.5AI score0.03786EPSS
Exploits0References21
Rows per page
Query Builder