
2114 matches found

Tenable Nessus
added 2018/06/25 12:0 a.m., 24 views

Debian DSA-4234-1 : lava-server - security update

Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call. (C) Tenable Network...

CVSS 8.8, AI score 7.3, EPSS 0.02471
Exploits 0, References 5

Tenable Nessus
added 2018/06/18 12:0 a.m., 34 views

Debian DSA-4231-1 : libgcrypt20 - security update

It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4231. The text itself is copyright (C) Software ...

CVSS 4.7, AI score 6, EPSS 0.00887
Exploits 1, References 4

Tenable Nessus
added 2018/06/13 12:0 a.m., 19 views

Debian DSA-4227-1 : plexus-archiver - security update

Danny Grander discovered a directory traversal flaw in plexus-archiver, an Archiver plugin for the Plexus compiler system, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted Zip archive. (C) Tenable Network Security, Inc. The descriptive text and...

CVSS 5.5, AI score 6.2, EPSS 0.13179
Exploits 1, References 6

Tenable Nessus
added 2018/06/11 12:0 a.m., 44 views

Debian DSA-4220-1 : firefox-esr - security update

Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4220. The text...

CVSS 8.8, AI score 8.8, EPSS 0.07666
Exploits 1, References 5

Tenable Nessus
added 2018/06/05 12:0 a.m., 27 views

Debian DSA-4214-1 : zookeeper - security update

It was discovered that Zookeeper, a service for maintaining configuration information, enforced no authentication/authorisation when a server attempts to join a Zookeeper quorum. This update backports authentication support. Additional configuration steps are needed, please see...

CVSS 7.5, AI score 7.5, EPSS 0.08724
Exploits 0, References 6

GithubExploit
added 2018/05/30 10:56 p.m., 7 views

Exploit for Path Traversal in Debian Debian_Linux

PoC exploit for CVE-2018-11235 G...

CVSS 7.8, AI score 7.2, EPSS 0.49188
Exploits 10

Tenable Nessus
added 2018/05/29 12:0 a.m., 28 views

Debian DSA-4211-1 : xdg-utils - security update

Gabriel Corona discovered that xdg-utils, a set of tools for desktop environment integration, is vulnerable to argument injection attacks. If the environment variable BROWSER in the victim host has a '%s' and the victim opens a link crafted by an attacker with xdg-open, the malicious party could...

CVSS 8.8, AI score 6.7, EPSS 0.02472
Exploits 0, References 6

Tenable Nessus
added 2018/05/21 12:0 a.m., 38 views

Debian DSA-4204-1 : imagemagick - security update

This update fixes several vulnerabilities in imagemagick, a graphical software suite. Various memory handling problems or issues about incomplete input sanitizing would result in denial of service or memory disclosure. (C) Tenable Network Security, Inc. The descriptive text and package checks in th...

CVSS 8.8, AI score 6.5, EPSS 0.0354
Exploits 4, References 19

Tenable Nessus
added 2018/05/07 12:0 a.m., 29 views

Debian DSA-4192-1 : libmad - security update

Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

CVSS 7.8, AI score 6.3, EPSS 0.02538
Exploits 3, References 7

Tenable Nessus
added 2018/05/07 12:0 a.m., 57 views

Debian DSA-4193-1 : wordpress - security update

Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, bypass restrictions or unsafe redirects. More information can be found in the upstream advisory at...

CVSS 6.1, AI score 6.5, EPSS 0.05259
Exploits 0, References 9

Tenable Nessus
added 2018/05/04 12:0 a.m., 61 views

Debian DSA-4190-1 : jackson-databind - security update

It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

CVSS 9.8, AI score 7.4, EPSS 0.37925
Exploits 7, References 7

Tenable Nessus
added 2018/04/30 12:0 a.m., 38 views

Debian DSA-4184-1 : sdl-image1.2 - security update

Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened. (C) Tenable Network Security, Inc. The descriptive text and package checks in...

CVSS 8.8, AI score 7.3, EPSS 0.02677
Exploits 4, References 15

Packet Storm
added 2018/04/03 12:0 a.m., 30 views

ProcessMaker Plugin Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ProcessMaker Plugin Upload', 'Description' = %q This module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code a...

AI score 7.1
Exploits 0

Tenable Nessus
added 2018/03/29 12:0 a.m., 43 views

Debian DSA-4155-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information disclosure. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4155. T...

CVSS 9.8, AI score 8, EPSS 0.12054
Exploits 3, References 10

Tenable Nessus
added 2018/03/23 12:0 a.m., 24 views

Debian DSA-4149-1 : plexus-utils2 - security update

Charles Duffy discovered that the Commandline class in the utilities for the Plexus framework performs insufficient quoting of double-encoded strings, which could result in the execution of arbitrary shell commands. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS 9.8, AI score 7.7, EPSS 0.06543
Exploits 0, References 4

Tenable Nessus
added 2018/02/23 12:0 a.m., 19 views

Debian DSA-4121-1 : gcc-6 - security update

This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4121. The text itself i...

AI score 5.4
Exploits 0, References 2

OpenVAS
added 2018/02/19 12:0 a.m., 20 views

Debian Security Advisory DSA 4119-1 (libav - security update)

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.12 OpenVAS Vulnerability Test $Id: deb4119.nasl 8893 2018-02-21 06:36:27...

CVSS 5, AI score 8, EPSS 0.0301
Exploits 0, References 1

Tenable Nessus
added 2018/02/12 12:0 a.m., 17 views

Debian DSA-4109-1 : ruby-omniauth - security update

Lalith Rallabhandi discovered that OmniAuth, a Ruby library for implementing multi-provider authentication in web applications, mishandled and leaked sensitive information. An attacker with access to the callback environment, such as in the case of a crafted web application, can request...

CVSS 7.5, AI score 7.3, EPSS 0.02143
Exploits 0, References 6

Tenable Nessus
added 2018/01/29 12:0 a.m., 42 views

Debian DSA-4099-1 : ffmpeg - security update

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

CVSS 6.5, AI score 7.2, EPSS 0.01827
Exploits 0, References 4

Tenable Nessus
added 2018/01/29 12:0 a.m., 39 views

Debian DSA-4100-1 : tiff - security update

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Adviso...

CVSS 8.8, AI score 7, EPSS 0.03918
Exploits 3, References 10