Lucene search
K

34 matches found

Check Point Advisories
Check Point Advisories
added 2020/07/03 12:0 a.m.10 views

uWSGI PHP Plugin Directory Traversal (CVE-2018-7490)

A directory traversal vulnerability exists in Debian debian linux 8.0. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

5CVSS5.2AI score0.69907EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2018/04/30 12:0 a.m.38 views

Debian DSA-4184-1 : sdl-image1.2 - security update

Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened. C Tenable Network Security, Inc. The descriptive text and package checks in...

8.8CVSS7.3AI score0.02677EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2018/01/22 12:0 a.m.26 views

Debian DSA-4093-1 : openocd - security update

Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft a HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victims host. This fix also sets the OpenOCD...

9.6CVSS8.6AI score0.04582EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.19 views

Debian DSA-4084-1 : gifsicle - security update

It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4084. The text itself is...

9.8CVSS8.5AI score0.02665EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.44 views

Debian DSA-4068-1 : rsync - security update

Several vulnerabilities were discovered in rsync, a fast, versatile, remote and local file-copying tool, allowing a remote attacker to bypass intended access restrictions or cause a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

9.8CVSS6.9AI score0.05163EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2017/09/13 12:0 a.m.27 views

Debian DSA-3970-1 : emacs24 - security update

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data e.g. when using Emacs-based mail clients. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

8.8CVSS7.9AI score0.04042EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2017/08/14 12:0 a.m.24 views

Debian DSA-3938-1 : libgd2 - security update

Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a...

6.5CVSS6.4AI score0.03418EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/07/10 12:0 a.m.31 views

Debian DSA-3905-1 : xorg-server - security update

Two security issues have been discovered in the X.org X server, which may lead to privilege escalation or an information leak. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3905. The tex...

8.8CVSS7.2AI score0.03877EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/06/01 12:0 a.m.56 views

Debian DSA-3870-1 : wordpress - security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

8.8CVSS6.9AI score0.26699EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2017/03/20 12:0 a.m.16 views

Debian DSA-3812-1 : ioquake3 - security update

It was discovered that ioquake3, a modified version of the ioQuake3 game engine performs insufficent restrictions on automatically downloaded content pk3 files or game code, which allows malicious game servers to modify configuration settings including driver settings. %NASLMINLEVEL 70300 C Tenab...

9.3CVSS7.3AI score0.01291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/03/06 12:0 a.m.32 views

Debian DSA-3801-1 : ruby-zip - security update

It was discovered that ruby-zip, a Ruby module for reading and writing zip files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. %NASLMINLEVEL 70300 C...

9.8CVSS7.9AI score0.0347EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/02/10 12:0 a.m.43 views

Debian DSA-3784-1 : viewvc - security update

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

6.1CVSS6.1AI score0.01318EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/01/12 12:0 a.m.35 views

Debian DSA-3757-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple vulnerabilities may lead to the execution of arbitrary code, data leakage or bypass of the content security policy. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

9.8CVSS8.1AI score0.21401EPSS
Exploits11References10
Tenable Nessus
Tenable Nessus
added 2016/12/21 12:0 a.m.33 views

Debian DSA-3742-1 : flightgear - security update

It was discovered that the Flight Gear flight simulator performs insufficient sanitising of Nasal scripts which allows a malicious script to overwrite arbitrary files with the privileges of the user running Flight Gear. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.5CVSS7.4AI score0.0324EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.40 views

Debian DSA-3718-1 : drupal7 - security update

Multiple vulnerabilities has been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/SA-CORE-2016-005 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

6.8CVSS5.8AI score0.01957EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/09/09 12:0 a.m.19 views

Debian DSA-3662-1 : inspircd - security update

It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3662. The text...

5.9CVSS6.2AI score0.0108EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/09/08 12:0 a.m.20 views

Debian DSA-3661-1 : charybdis - security update

It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3661. The text...

8.1CVSS7.3AI score0.0106EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/08/08 12:0 a.m.32 views

Debian DSA-3643-1 : kde4libs - security update

Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with '../' in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricke...

7.5CVSS7.1AI score0.04429EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/07/05 12:0 a.m.29 views

Debian DSA-3615-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS6.9AI score0.02776EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2016/05/18 12:0 a.m.47 views

Debian DSA-3582-1 : expat - security update

Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take advantage of this flaw to cause an application using the Expat libra...

9.8CVSS8.4AI score0.19069EPSS
Exploits3References5
Rows per page
Query Builder