Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.37 views

Debian: Security Advisory (DLA-1151-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.8AI score0.13385EPSS
Exploits5References3
Debian
Debian
added 2017/11/12 10:15 p.m.39 views

[SECURITY] [DLA 1151-2] wordpress regression update

Package : wordpress Version : 3.6.1+dfsg-1deb7u19 Debian Bug : 881088 The fix for CVE-2017-14990 issued as DLA-1151-1 was incomplete and caused a regression. It was discovered that an additional database upgrade and further code changes would be necessary. At the moment these changes are deemed a...

6.5CVSS7.6AI score0.01764EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.36 views

Debian DLA-1151-2 : wordpress regression update

The fix for CVE-2017-14990 issued as DLA-1151-1 was incomplete and caused a regression. It was discovered that an additional database upgrade and further code changes would be necessary. At the moment these changes are deemed as too intrusive and thus the initial patch for CVE-2017-14990 has been...

6.5CVSS7.3AI score0.01764EPSS
Exploits3References2
Debian
Debian
added 2017/10/11 11:51 a.m.33 views

[SECURITY] [DSA 3997-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3997-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez October 10, 2017 https://www.debian.org/security/faq -...

9.8CVSS7.6AI score0.13385EPSS
Exploits5
0day.today
0day.today
added 2017/10/08 12:0 a.m.64 views

WordPress 4.8.2 Activation Key Failed Expiry Vulnerability

WordPress version 4.8.2 fails to have an expiration mechanism tied to activation keys allowing for eternal use. Details ================ Software: WordPress Version: 4.8.2 Homepage: https://wordpress.org/ Advisory report: https://security.dxw.com/advisories/wordpress-signups-activation/ CVE:...

4CVSS8.2AI score0.01764EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/10/06 12:0 a.m.464 views

WordPress 4.8.2 Activation Key Failed Expiry

Details ================ Software: WordPress Version: 4.8.2 Homepage: https://wordpress.org/ Advisory report: https://security.dxw.com/advisories/wordpress-signups-activation/ CVE: CVE-2017-14990 CVSS: 0 Low; AV:L/AC:H/Au:M/C:N/I:N/A:N Description ================ WordPress does not hash or expir...

0.2AI score0.01764EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2017/10/03 1:29 a.m.32 views

CVE-2017-14990

WordPress 4.8.2 stores cleartext wpsignups.activationkey values but stores the analogous wpusers.useractivationkey values as hashes, which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access such as access gained through an unspecified...

6.5CVSS6.9AI score0.01764EPSS
Exploits3References1
Rows per page
Query Builder