
2114 matches found

BDU FSTEC
added 2017/11/03 12:0 a.m. | 45 views

The vulnerability of the modular IRC server InspIRCd for the Debian GNU/Linux operating system allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the modular IRC server InspIRCd for the Debian GNU/Linux operating system is related to improper handling of integer variables. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 9.8 | AI score 7.7 | EPSS 0.01625
Exploits 0 | References 5 | Affected Software 1

Tenable Nessus
added 2017/11/01 12:0 a.m. | 38 views

Debian DSA-4012-1 : libav - security update

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.11 (C) Tenable Network Security, Inc. The descriptive...

CVSS 9.8 | AI score 7.4 | EPSS 0.02771
Exploits 0 | References 7

Tenable Nessus
added 2017/10/31 12:0 a.m. | 26 views

Debian DSA-4011-1 : quagga - security update

It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment ASPATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity. (C) Tenable Network Security, Inc. The...

CVSS 7.5 | AI score 7 | EPSS 0.1879
Exploits 0 | References 5

Tenable Nessus
added 2017/10/23 12:0 a.m. | 48 views

Debian DSA-4004-1 : jackson-databind - security update

Liao Xinxi discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input. (C) Tenable...

CVSS 9.8 | AI score 7.9 | EPSS 0.37925
Exploits 7 | References 5

Tenable Nessus
added 2017/10/12 12:0 a.m. | 21 views

Debian DSA-3931-1 : ruby-rack-cors - security update

Jens Mueller discovered that an incorrect regular expression in rack-cors may lead to insufficient restriction of CORS requests. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3931. The...

CVSS 8.8 | AI score 7.8 | EPSS 0.02345
Exploits 0 | References 3

Tenable Nessus
added 2017/09/13 12:0 a.m. | 27 views

Debian DSA-3970-1 : emacs24 - security update

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data (e.g. when using Emacs-based mail clients). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

CVSS 8.8 | AI score 7.9 | EPSS 0.04042
Exploits 1 | References 5

Tenable Nessus
added 2017/09/06 12:0 a.m. | 29 views

Debian DSA-3965-1 : file - security update

Thomas Jarosch discovered a stack-based buffer overflow flaw in file, a file type classification tool, which may result in denial of service if an ELF binary with a specially crafted .notes section is processed. (C) Tenable Network Security, Inc. The descriptive text and package...

CVSS 5.5 | AI score 6.6 | EPSS 0.00404
Exploits 0 | References 3

Tenable Nessus
added 2017/08/14 12:0 a.m. | 22 views

Debian DSA-3941-1 : iortcw - security update

A read buffer overflow was discovered in the idtech3 (Quake III Arena) family of game engines. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. (C) Tenable Network Security, Inc. The...

CVSS 9.8 | AI score 8.8 | EPSS 0.02517
Exploits 1 | References 3

Tenable Nessus
added 2017/08/14 12:0 a.m. | 31 views

Debian DSA-3935-1 : postgresql-9.4 - security update

Several vulnerabilities have been found in the PostgreSQL database system:
- CVE-2017-7546: In some authentication methods empty passwords were accepted.
- CVE-2017-7547: User mappings could leak data to unprivileged users.
- CVE-2017-7548: The lo_put function ignored ACLs.
For more in-depth...

CVSS 9.8 | AI score 7.1 | EPSS 0.61566
Exploits 0 | References 9

Tenable Nessus
added 2017/08/14 12:0 a.m. | 24 views

Debian DSA-3938-1 : libgd2 - security update

Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a...

CVSS 6.5 | AI score 6.4 | EPSS 0.03418
Exploits 0 | References 5

Tenable Nessus
added 2017/08/11 12:0 a.m. | 30 views

Debian DSA-3928-1 : firefox-esr - security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of...

CVSS 10 | AI score 7.4 | EPSS 0.04187
Exploits 13 | References 18

Tenable Nessus
added 2017/08/07 12:0 a.m. | 38 views

Debian DSA-3925-1 : qemu - security update

Multiple vulnerabilities were found in qemu, a fast processor emulator:
- CVE-2017-9524: Denial of service in qemu-nbd server
- CVE-2017-10806: Buffer overflow in USB redirector
- CVE-2017-11334: Out-of-band memory access in DMA operations
- CVE-2017-11434: Out-of-band memory access in SLIRP/DHCP...

CVSS 7.5 | AI score 6.8 | EPSS 0.04093
Exploits 0 | References 15

OpenVAS
added 2017/08/01 12:0 a.m. | 31 views

Debian Security Advisory DSA 3923-1 (freerdp - security update)

Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), contained several vulnerabilities that allowed a malicious remote server or a man-in-the-middle to either cause a DoS by forcibly terminating the client, or execute arbitrary code on the client...

AI score 0.7 | EPSS 0.01826
Exploits 6 | References 1

OpenVAS
added 2017/07/28 12:0 a.m. | 15 views

Debian Security Advisory DSA 3921-1 (enigmail - security update)

In DSA 3918 Thunderbird was upgraded to the latest ESR series. This update upgrades Enigmail, the OpenPGP extension for Thunderbird, to version 1.9.8.1 to restore full compatibility. OpenVAS Vulnerability Test $Id: deb3921.nasl 6835 2017-08-02 12:55:28Z cfischer $ Auto-generated from advisory DSA...

AI score 7.3
Exploits 0 | References 1

OpenVAS
added 2017/07/28 12:0 a.m. | 39 views

Debian Security Advisory DSA 3922-1 (mysql-5.5 - security update)

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.57, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see th...

CVSS 4.9 | EPSS 0.03225
Exploits 0 | References 1

OpenVAS
added 2017/07/25 12:0 a.m. | 36 views

Debian Security Advisory DSA 3919-1 (openjdk-8 - security update)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, use of insecure cryptography, side channel attacks, information disclosure, the execution of arbitrary code, denial of service or bypassing Jar verification. OpenVA...

CVSS 6.8 | AI score 0.3 | EPSS 0.05034
Exploits 0 | References 1

OpenVAS
added 2017/07/14 12:0 a.m. | 22 views

Debian Security Advisory DSA 3909-1 (samba - security update)

Jeffrey Altman, Viktor Duchovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus OpenVAS Vulnerability Test $Id: deb3909.nasl 6800 2017-07-26 06:58:22Z cfischer $ Auto-generated from advisory DSA...

CVSS 6.8 | AI score 0.5 | EPSS 0.05118
Exploits 0 | References 1

Tenable Nessus
added 2017/07/10 12:0 a.m. | 31 views

Debian DSA-3905-1 : xorg-server - security update

Two security issues have been discovered in the X.org X server, which may lead to privilege escalation or an information leak. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3905. The tex...

CVSS 8.8 | AI score 7.2 | EPSS 0.03877
Exploits 0 | References 6

Tenable Nessus
added 2017/07/06 12:0 a.m. | 35 views

Debian DSA-3903-1 : tiff - security update

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 7.5 | AI score 6.6 | EPSS 0.07482
Exploits 5 | References 9

OpenVAS
added 2017/07/05 12:0 a.m. | 26 views

Debian Security Advisory DSA 3902-1 (jabberd2 - security update)

It was discovered that jabberd2, a Jabber instant messenger server, allowed anonymous SASL connections, even if disabled in the configuration. OpenVAS Vulnerability Test $Id: deb3902.nasl 6757 2017-07-19 05:57:31Z cfischer $ Auto-generated from advisory DSA 3902-1 using nvtgen 1.0 Script version:...

CVSS 7.5 | AI score 0.3 | EPSS 0.0289
Exploits 0 | References 1