
2114 matches found

OpenVAS
added 2017/07/05 12:0 a.m. | 40 views

Debian Security Advisory DSA 3903-1 (tiff - security update)

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb3903.nasl 6682 2017-07-12 09:00:18Z cfischer $ Auto-generated from advisory DSA 3903-1 using...

CVSS 5 | AI score 0.3 | EPSS 0.07482
Exploits 5 | References 1

Tenable Nessus
added 2017/06/23 12:0 a.m. | 40 views

Debian DSA-3891-1 : tomcat8 - security update

Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacemen...

CVSS 7.5 | AI score 7.9 | EPSS 0.16567
Exploits 1 | References 6

Tenable Nessus
added 2017/06/23 12:0 a.m. | 22 views

Debian DSA-3895-1 : flatpak - security update

It was discovered that Flatpak, an application deployment framework for desktop apps, insufficiently restricted file permissions in third-party repositories, which could result in privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

CVSS 7.8 | AI score 7.5 | EPSS 0.00355
Exploits 0 | References 3

OpenVAS
added 2017/06/22 12:0 a.m. | 29 views

Debian Security Advisory DSA 3893-1 (jython - security update)

Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer. OpenVAS Vulnerability Test $Id: deb3893.nasl 6782 2017-07-2...

CVSS 7.5 | AI score 0.4 | EPSS 0.0657
Exploits 0 | References 1

Tenable Nessus
added 2017/06/22 12:0 a.m. | 12 views

Debian DSA-3890-1 : spip - security update

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVSS 9.8 | AI score 8.8 | EPSS 0.03159
Exploits 0 | References 4

OpenVAS
added 2017/06/21 12:0 a.m. | 19 views

Debian Security Advisory DSA 3890-1 (spip - security update)

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution. OpenVAS Vulnerability Test $Id: deb3890.nasl 6607...

CVSS 7.5 | AI score 9.8 | EPSS 0.03159
Exploits 0 | References 1

OpenVAS
added 2017/06/19 12:0 a.m. | 36 views

Debian Security Advisory DSA 3888-1 (exim4 - security update)

The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. OpenVAS Vulnerability Test $Id: deb3888.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generate...

CVSS 2.1 | EPSS 0.0053
Exploits 0 | References 1

OpenVAS
added 2017/06/16 12:0 a.m. | 28 views

Debian Security Advisory DSA 3884-1 (gnutls28 - security update)

Hubert Kario discovered that GnuTLS, a library implementing the TLS and SSL protocols, does not properly decode a status response TLS extension, allowing a remote attacker to cause an application using the GnuTLS library to crash (denial of service). OpenVAS Vulnerability Test $Id: deb3884.nasl 660...

CVSS 5 | EPSS 0.0341
Exploits 0 | References 1

OpenVAS
added 2017/06/12 12:0 a.m. | 37 views

Debian Security Advisory DSA 3878-1 (zziplib - security update)

Agostino Sarubbo discovered multiple vulnerabilities in zziplib, a library to access Zip archives, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed. OpenVAS Vulnerability Test $Id: deb3878.nasl 6607 2017-07-07 12:04:25Z...

CVSS 4.3 | AI score 0.1 | EPSS 0.02078
Exploits 7 | References 1

OpenVAS
added 2017/06/01 12:0 a.m. | 29 views

Debian Security Advisory DSA 3869-1 (tnef - security update)

It was discovered that tnef, a tool used to unpack MIME attachments of type OpenVAS Vulnerability Test $Id: deb3869.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3869-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2017 Greenbo...

CVSS 7.5 | AI score 0.2 | EPSS 0.01934
Exploits 0 | References 1

Tenable Nessus
added 2017/06/01 12:0 a.m. | 28 views

Debian DSA-3869-1 : tnef - security update

It was discovered that tnef, a tool used to unpack MIME attachments of type 'application/ms-tnef', did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash...

CVSS 9.8 | AI score 8.2 | EPSS 0.01934
Exploits 0 | References 4

Tenable Nessus
added 2017/06/01 12:0 a.m. | 56 views

Debian DSA-3870-1 : wordpress - security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

CVSS 8.8 | AI score 6.9 | EPSS 0.26699
Exploits 7 | References 10

Tenable Nessus
added 2017/05/30 12:0 a.m. | 30 views

Debian DSA-3864-1 : fop - security update

It was discovered that an XML external entities vulnerability in the Apache FOP XML formatter may result in information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3864. Th...

CVSS 7.9 | AI score 7.2 | EPSS 0.0296
Exploits 1 | References 3

OpenVAS
added 2017/05/30 12:0 a.m. | 25 views

Debian Security Advisory DSA 3868-1 (openldap - security update)

Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend. OpenVAS Vulnerability Test $Id: deb3868.nasl 6607 2017-07-07 12:04:25Z cfische...

CVSS 4 | AI score 6.7 | EPSS 0.07143
Exploits 1 | References 1

Tenable Nessus
added 2017/05/30 12:0 a.m. | 24 views

Debian DSA-3865-1 : mosquitto - security update

It was discovered that pattern-based ACLs in the Mosquitto MQTT broker could be bypassed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3865. The text itself is copyright C Software in t...

CVSS 6.5 | AI score 6.8 | EPSS 0.02472
Exploits 2 | References 3

Tenable Nessus
added 2017/05/25 12:0 a.m. | 42 views

Debian DSA-3861-1 : libtasn1-6 - security update

Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into...

CVSS 8.8 | AI score 7 | EPSS 0.05585
Exploits 0 | References 4

OpenVAS
added 2017/05/24 12:0 a.m. | 26 views

Debian Security Advisory DSA 3861-1 (libtasn1-6 - security update)

Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into...

CVSS 6.8 | AI score 0.2 | EPSS 0.05585
Exploits 0 | References 1

OpenVAS
added 2017/05/19 12:0 a.m. | 47 views

Debian Security Advisory DSA 3858-1 (openjdk-7 - security update)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography. OpenVAS Vulnerability Test $Id: deb3858.nasl 6607 2017-07-07 12:04:25Z cfischer ...

CVSS 7.1 | AI score 1 | EPSS 0.03311
Exploits 2 | References 1

OpenVAS
added 2017/05/18 12:0 a.m. | 29 views

Debian Security Advisory DSA 3855-1 (jbig2dec - security update)

Multiple security issues have been found in the JBIG2 decoder library, which may lead to denial of service, disclosure of sensitive information from process memory or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened. OpenVAS Vulnerability Test...

CVSS 6.8 | AI score 0.1 | EPSS 0.01672
Exploits 0 | References 1

OpenVAS
added 2017/05/18 12:0 a.m. | 39 views

Debian Security Advisory DSA 3857-1 (mysql-connector-java - security update)

Two vulnerabilities have been found in the MySQL Connector/J JDBC driver. OpenVAS Vulnerability Test $Id: deb3857.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3857-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2017 Greenbone...

CVSS 5.5 | EPSS 0.01713
Exploits 0 | References 1