Lucene search
+L

391 matches found

debiancve
debiancve
added 2014/01/06 11:0 a.m.42 views

CVE-2013-7263

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, or 3 recvmsg system call, related to net/ipv4/ping.c,...

4.9CVSS6.6AI score0.0048EPSS
Exploits0
osv
osv
added 2013/12/17 11:19 p.m.20 views

MGASA-2013-0372 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6createtempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary...

7.8CVSS8.6AI score0.09408EPSS
Exploits11References28
osv
osv
added 2013/10/22 10:55 p.m.7 views

CVE-2013-1739

Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...

7.3AI score
Exploits0References23
prion
prion
added 2013/10/22 10:55 p.m.26 views

Design/Logic Flaw

Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...

5CVSS7.9AI score0.03406EPSS
Exploits0References23Affected Software1
nessus
nessus
added 2013/09/27 12:0 a.m.71 views

Juniper Steel-Belted Radius Multiple OpenSSL Vulnerabilities

The version of Juniper Steel-Belted Radius software installed on the remote RedHat or CentOS host is affected by multiple OpenSSL vulnerabilities : - The SSL 3.0 implementation in OpenSSL does not properly initialize data structures for block cipher padding, which could allow remote attackers to...

5CVSS8AI score0.16645EPSS
Exploits0References3
prion
prion
added 2013/09/25 10:31 a.m.23 views

Code injection

The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network...

5CVSS6.5AI score0.04144EPSS
Exploits2References15Affected Software1
prion
prion
added 2013/09/19 10:28 a.m.17 views

Design/Logic Flaw

The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the 1 msgctl API or 2 segctl API...

4.9CVSS5.2AI score0.00354EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2013/09/19 10:0 a.m.24 views

CVE-2013-5142

The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the 1 msgctl API or 2 segctl API...

4.8AI score0.00354EPSS
Exploits0References4
nessus
nessus
added 2013/07/12 12:0 a.m.37 views

Oracle Linux 5 : apr / and / apr-util (ELSA-2009-1204)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1204 advisory. - add security fix for CVE-2009-2412 515709 apr-util: Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

10CVSS7.7AI score0.13781EPSS
Exploits2References2
openvas
openvas
added 2013/05/27 12:0 a.m.27 views

Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 (Mac OS X)

This host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdesrmultvuln01may13macosx.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 Mac OS X Authors: Arun...

10CVSS0.8AI score0.10893EPSS
Exploits5References2
prion
prion
added 2013/05/16 11:45 a.m.23 views

Design/Logic Flaw

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain...

4.3CVSS6.4AI score0.06696EPSS
Exploits1References15Affected Software4
attackerkb
attackerkb
added 2013/05/16 12:0 a.m.34 views

CVE-2013-1675

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain...

6.5CVSS5AI score0.06696EPSS
In wildExploits1References16
prion
prion
added 2012/10/04 7:55 p.m.20 views

Design/Logic Flaw

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of 1 PPP and 2 LCP data, which allows remote attackers to cause a denial of service assertion failure and application exit via a malformed packet...

3.3CVSS6.9AI score0.0091EPSS
Exploits0References12Affected Software1
openvas
openvas
added 2012/07/30 12:0 a.m.26 views

CentOS Update for apr CESA-2011:0844 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS7.8AI score0.30406EPSS
Exploits5References2
nessus
nessus
added 2012/04/05 12:0 a.m.31 views

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : tiff vulnerabilities (USN-1416-1)

Alexander Gavrun discovered that the TIFF library incorrectly allocated space for a tile. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of...

6.8CVSS8.5AI score0.06918EPSS
Exploits0References3
fedora
fedora
added 2012/03/01 9:35 a.m.56 views

[SECURITY] Fedora 15 Update: apr-1.4.6-1.fc15

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2...

5CVSS1.6AI score0.43346EPSS
Exploits5
fedora
fedora
added 2012/03/01 9:21 a.m.41 views

[SECURITY] Fedora 16 Update: apr-1.4.6-1.fc16

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2...

5CVSS6.5AI score0.43346EPSS
Exploits0
osv
osv
added 2012/02/09 12:0 a.m.43 views

DSA-2406-1 icedove - several

Bulletin has no description...

10CVSS8.7AI score0.07936EPSS
Exploits2
ptsecurity
ptsecurity
added 2011/10/05 12:0 a.m.4 views

PT-2012-1579 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39.3 Description: The issue allows local users to obtain potentially sensitive information via a crafted application due to improper restriction of user-space access to certain packet data structures...

6.9CVSS7.1AI score0.01106EPSS
Exploits8References31
cvelist
cvelist
added 2011/07/18 7:0 p.m.26 views

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

5.7AI score0.00397EPSS
Exploits1References14
Rows per page
Query Builder