Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.30 views

Debian DSA-4410-1 : openjdk-8 - security update

A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

3.1CVSS6.5AI score0.03374EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/07/10 12:0 a.m.42 views

Debian DSA-4242-1 : ruby-sprockets - security update

Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production. C...

7.5CVSS7.7AI score0.26717EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2018/04/30 12:0 a.m.38 views

Debian DSA-4184-1 : sdl-image1.2 - security update

Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened. C Tenable Network Security, Inc. The descriptive text and package checks in...

8.8CVSS7.3AI score0.02677EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2018/02/23 12:0 a.m.20 views

Debian DSA-4121-1 : gcc-6 - security update

This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4121. The text itself i...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/22 12:0 a.m.26 views

Debian DSA-4093-1 : openocd - security update

Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft a HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victims host. This fix also sets the OpenOCD...

9.6CVSS8.6AI score0.04582EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.19 views

Debian DSA-4084-1 : gifsicle - security update

It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4084. The text itself is...

9.8CVSS8.5AI score0.02665EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.44 views

Debian DSA-4068-1 : rsync - security update

Several vulnerabilities were discovered in rsync, a fast, versatile, remote and local file-copying tool, allowing a remote attacker to bypass intended access restrictions or cause a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

9.8CVSS6.9AI score0.05163EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2017/10/12 12:0 a.m.21 views

Debian DSA-3931-1 : ruby-rack-cors - security update

Jens Mueller discovered that an incorrect regular expression in rack-cors may lead to insufficient restriction of CORS requests. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3931. The...

8.8CVSS7.8AI score0.02345EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/09/13 12:0 a.m.27 views

Debian DSA-3970-1 : emacs24 - security update

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data e.g. when using Emacs-based mail clients. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

8.8CVSS7.9AI score0.04042EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2017/09/06 12:0 a.m.29 views

Debian DSA-3965-1 : file - security update

Thomas Jarosch discovered a stack-based buffer overflow flaw in file, a file type classification tool, which may result in denial of service if an ELF binary with a specially crafted .notes section is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

5.5CVSS6.6AI score0.00404EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/08/14 12:0 a.m.24 views

Debian DSA-3938-1 : libgd2 - security update

Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a...

6.5CVSS6.4AI score0.03418EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/07/10 12:0 a.m.31 views

Debian DSA-3905-1 : xorg-server - security update

Two security issues have been discovered in the X.org X server, which may lead to privilege escalation or an information leak. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3905. The tex...

8.8CVSS7.2AI score0.03877EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/06/22 12:0 a.m.12 views

Debian DSA-3890-1 : spip - security update

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

9.8CVSS8.8AI score0.03159EPSS
Exploits0References4
Rows per page
Query Builder