Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.17 views

Debian DLA-399-1 : foomatic-filters security update

cups-filters contains multiple buffer overflows caused by lack of size checks when copying from environment variables to local buffers strcpy as well on string concatenation operations strcat. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.30 views

Debian DLA-398-1 : privoxy security update

CVE-2016-1982 Prevent invalid reads in case of corrupt chunk-encoded content CVE-2016-1983 Remove empty Host headers in client requests; resulting in invalid reads. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has...

7.5CVSS7.2AI score0.02867EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/08/24 12:0 a.m.18 views

Debian DLA-296-1 : extplorer security update

Multiple cross-site scripting XSS vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has...

4.3CVSS5.4AI score0.01187EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.30 views

Debian DLA-24-1 : poppler security update

It was discovered that poppler did return program execution to the libjpeg library under error conditions, which is not expected by the library and results in application crash and possibly code execution. NOTE: Tenable Network Security has extracted the preceding description block directly from...

4.3CVSS7.6AI score0.02978EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.24 views

Debian DLA-105-1 : graphviz security update

Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash or possibly execute arbitrary code. NOTE: Tenable Network Security has extracted the...

7.5CVSS7.3AI score0.05569EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/11/05 12:0 a.m.20 views

Debian DSA-2791-1 : tryton-client - missing input sanitization

Cedric Krier discovered that the Tryton client does not sanitize the file extension supplied by the server when processing reports. As a result, a malicious server could send a report with a crafted file extension that causes the client to write any local file to which the user running the client...

7.8CVSS5.3AI score0.02137EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2013/09/02 12:0 a.m.29 views

Debian DSA-2747-1 : cacti - several vulnerabilities

Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems : - CVE-2013-5588 install/index.php and cacti/host.php suffered from Cross-Site Scripting vulnerabilities. - CVE-2013-5589 cacti/host.php contained a SQL injection vulnerability, allowing an attacker ...

7.5CVSS8.3AI score0.01988EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2013/07/30 12:0 a.m.36 views

Debian DSA-2729-1 : openafs - several vulnerabilities

OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets. Additional migration steps are needed to fully set the update into effect. For more information please see the upstream advisory: OPENAFS-SA-2013-003 In addition the...

4.3CVSS5.3AI score0.01855EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.26 views

Debian DSA-2630-1 : postgresql-8.4 - programming error

Sumit Soni discovered that PostgreSQL, an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

6.8CVSS8AI score0.03592EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/10/22 12:0 a.m.31 views

Debian DSA-2561-1 : tiff - buffer overflow

It was discovered that a buffer overflow in libtiff's parsing of files using PixarLog compression could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

6.8CVSS8.2AI score0.06728EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/08/16 12:0 a.m.26 views

Debian DSA-2530-1 : rssh - shell command injection

Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2530. The text itself is copyrigh...

2.1CVSS5.3AI score0.00388EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/05/18 12:0 a.m.25 views

Debian DSA-2474-1 : ikiwiki - XSS

Raul Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author and its URL of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

4.3CVSS7.9AI score0.02108EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/03/26 12:0 a.m.40 views

Debian DSA-2441-1 : gnutls26 - missing bounds check

Matthew Hall discovered that GNUTLS does not properly handle truncated GenericBlockCipher structures nested inside TLS records, leading to crashes in applications using the GNUTLS library. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

5CVSS7.5AI score0.04202EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2012/03/05 12:0 a.m.19 views

Debian DSA-2425-1 : plib - buffer overflow

It was discovered that PLIB, a library used by TORCS, contains a buffer overflow in error message processing, which could allow remote attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...

9.3CVSS5.9AI score0.12795EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2012/02/21 12:0 a.m.41 views

Debian DSA-2413-1 : libarchive - buffer overflows

Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading ISO 9660 or tar streams allow remote attackers to execute arbitrary code depending on the application...

6.8CVSS6.2AI score0.04246EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/01/24 12:0 a.m.33 views

Debian DSA-2392-1 : openssl - out-of-bounds read

Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5CVSS7.4AI score0.13856EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/11/14 12:0 a.m.37 views

Debian DSA-2344-1 : python-django-piston - deserialization vulnerability

It was discovered that the Piston framework can deserializes untrusted YAML and Pickle data, leading to remote code execution CVE-2011-4103 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

7.5CVSS6.3AI score0.02409EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2011/07/05 12:0 a.m.29 views

Debian DSA-2270-1 : qemu-kvm - programming error

It was discovered that incorrect sanitising of virtio queue commands in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service or the execution of arbitrary code. The oldstable distribution lenny is not affected by this problem. %NASLMINLEVEL 70300 C Tenable...

5.8CVSS5.7AI score0.01903EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/05/13 12:0 a.m.35 views

Debian DSA-2236-1 : exim4 - command injection

It was discovered that Exim, Debian's default mail transfer agent, is vulnerable to command injection attacks in its DKIM processing code, leading to arbitrary code execution. CVE-2011-1407 The default configuration supplied by Debian does not expose this vulnerability. The oldstable distribution...

7.5CVSS7.4AI score0.03802EPSS
Exploits0References4
Rows per page
Query Builder