Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2020-0374)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.0481EPSS
Exploits1References4
Mageia
Mageia
added 2020/09/27 8:6 p.m.33 views

Updated novnc package fixes a security vulnerability

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. CVE-2017-18635...

6.1CVSS2AI score0.0481EPSS
Exploits1References2
OSV
OSV
added 2020/09/21 6:50 p.m.4 views

USN-4522-1 novnc vulnerability

It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting XSS attacks. CVE-2017-18635...

6.1CVSS6.4AI score0.0481EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.35 views

Ubuntu 16.04 LTS : noVNC vulnerability (USN-4522-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4522-1 advisory. It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An...

6.1CVSS6AI score0.0481EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2020/03/10 11:19 a.m.59 views

Moderate: Red Hat Security Advisory: novnc security update

An updated novnc package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 13.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

6.1CVSS6.3AI score0.0481EPSS
Exploits1References3
CVE
CVE
added 2019/09/25 10:59 p.m.178 views

CVE-2017-18635

CVE-2017-18635 describes an XSS in noVNC before 0.6.2 where a remote VNC server can inject arbitrary HTML into the noVNC page via status field messages (e.g., server name). Connected advisories confirm affected packages across multiple distros (Debian, Ubuntu, Mageia, Red Hat-related advisories) ...

6.1CVSS5.8AI score0.0481EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder