2115 matches found

OpenVAS
added 2017/05/18 12:0 a.m. | 29 views

Debian Security Advisory DSA 3855-1 (jbig2dec - security update)

Multiple security issues have been found in the JBIG2 decoder library, which may lead to denial of service, disclosure of sensitive information from process memory or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened. OpenVAS Vulnerability Test...

6.8 CVSS | 0.1 AI score | 0.01672 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2017/05/15 12:0 a.m. | 48 views

Debian DSA-3850-1 : rtmpdump - security update

Dave McDaniel discovered multiple vulnerabilities in rtmpdump, a small dumper/library for RTMP media streams, which may result in denial of service or the execution of arbitrary code if a malformed stream is dumped. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

9.8 CVSS | 7.7 AI score | 0.05923 EPSS
Exploits: 3 | References: 5

Tenable Nessus
added 2017/05/11 12:0 a.m. | 58 views

Debian DSA-3848-1 : git - security update

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn 'git upload-pack --help'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

8.8 CVSS | 7.1 AI score | 0.12387 EPSS
Exploits: 2 | References: 3

OpenVAS
added 2017/05/10 12:0 a.m. | 39 views

Debian Security Advisory DSA 3848-1 (git - security update)

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn OpenVAS Vulnerability Test $Id: deb3848.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3848-1...

6.5 CVSS | 8.7 AI score | 0.12387 EPSS
Exploits: 2 | References: 1

OpenVAS
added 2017/05/08 12:0 a.m. | 13 views

Debian Security Advisory DSA 3845-1 (libtirpc - security update)

Guido Vranken discovered that incorrect memory management in libtirpc, a transport-independent RPC library used by rpcbind and other programs, may result in denial of service via memory exhaustion depending on memory management settings. OpenVAS Vulnerability Test $Id: deb3845.nasl 6607 2017-07-07...

7.8 CVSS | 0.6 AI score | 0.81921 EPSS
Exploits: 4 | References: 1

Tenable Nessus
added 2017/04/03 12:0 a.m. | 46 views

Debian DSA-3825-1 : jhead - security update

It was discovered that jhead, a tool to manipulate the non-image part of EXIF compliant JPEG files, is prone to an out-of-bounds access vulnerability, which may result in denial of service or, potentially, the execution of arbitrary code if an image with specially crafted EXIF data is processed...

7.8 CVSS | 6.8 AI score | 0.01267 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2017/03/28 12:0 a.m. | 24 views

Debian Security Advisory DSA 3823-1 (eject - security update)

Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid and setgid when dropping privileges. OpenVAS Vulnerability Test $Id: deb3823.nasl 6607 2017-07-0...

7.2 CVSS | 0.9 AI score | 0.00469 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2017/03/27 12:0 a.m. | 34 views

Debian Security Advisory DSA 3821-1 (gst-plugins-ugly1.0 - security update)

Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened. OpenVAS Vulnerability Test $Id: deb3821.nasl 6607 2017-07-07 12:04:25Z cfisch...

5 CVSS | 0.2 AI score | 0.03734 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2017/03/27 12:0 a.m. | 35 views

Debian Security Advisory DSA 3819-1 (gst-plugins-base1.0 - security update)

Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened. OpenVAS Vulnerability Test $Id: deb3819.nasl 6607 2017-07-07 12:04:25Z cfisch...

5 CVSS | 0.3 AI score | 0.0448 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2017/03/22 12:0 a.m. | 33 views

Debian Security Advisory DSA 3814-1 (audiofile - security update)

Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed. OpenVAS Vulnerability Test $Id: deb3814.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DS...

6.8 CVSS | 0.5 AI score | 0.03241 EPSS
Exploits: 1 | References: 1

Tenable Nessus
added 2017/03/20 12:0 a.m. | 16 views

Debian DSA-3812-1 : ioquake3 - security update

It was discovered that ioquake3, a modified version of the ioQuake3 game engine, performs insufficient restrictions on automatically downloaded content (pk3 files or game code), which allows malicious game servers to modify configuration settings including driver settings. %NASLMINLEVEL 70300 C Tenab...

9.3 CVSS | 7.3 AI score | 0.01291 EPSS
Exploits: 0 | References: 3

OpenVAS
added 2017/03/18 12:0 a.m. | 29 views

Debian Security Advisory DSA 3811-1 (wireshark - security update)

It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for ASTERIX, DHCPv6, NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to various crashes, denial-of-service or execution of arbitrary code. OpenVAS Vulnerability Test...

7.8 CVSS | 0.4 AI score | 0.02949 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2017/03/06 12:0 a.m. | 32 views

Debian DSA-3801-1 : ruby-zip - security update

It was discovered that ruby-zip, a Ruby module for reading and writing zip files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a ".." (dot dot) in an extracted filename. %NASLMINLEVEL 70300 C...

9.8 CVSS | 7.9 AI score | 0.0347 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2017/02/28 12:0 a.m. | 29 views

Debian Security Advisory DSA 3797-1 (mupdf - security update)

Multiple vulnerabilities have been found in the PDF viewer MuPDF, which may result in denial of service or the execution of arbitrary code if a malformed PDF file is opened. OpenVAS Vulnerability Test $Id: deb3797.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3797-1...

5 CVSS | 7.5 AI score | 0.15181 EPSS
Exploits: 2 | References: 1

OpenVAS
added 2017/02/21 12:0 a.m. | 38 views

Debian: Security Advisory (DSA-3791-1)

The remote host is missing an update for the Debian...

9.8 CVSS | 7.3 AI score | 0.0596 EPSS
Exploits: 13 | References: 3

OpenVAS
added 2017/02/13 12:0 a.m. | 28 views

Debian Security Advisory DSA 3786-1 (vim - security update)

Editor spell files passed to the vim (Vi IMproved) editor may result in an integer overflow in memory allocation and a resulting buffer overflow which potentially could result in the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb3786.nasl 6607 2017-07-07...

7.5 CVSS | 0.6 AI score | 0.02834 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2017/02/10 12:0 a.m. | 43 views

Debian DSA-3784-1 : viewvc - security update

Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

6.1 CVSS | 6.1 AI score | 0.01318 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2017/02/03 12:0 a.m. | 24 views

Debian Security Advisory DSA 3777-1 (libgd2 - security update)

Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. OpenVAS Vulnerability Test $Id: deb3777.nasl 6607 2017-07-...

7.5 CVSS | 0.1 AI score | 0.10687 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2017/01/25 12:0 a.m. | 35 views

Debian Security Advisory DSA 3771-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or privilege escalation. OpenVAS Vulnerability Test $Id: deb3771.nasl 6607...

0.7 AI score | 0.33434 EPSS
Exploits: 16 | References: 1

OpenVAS
added 2017/01/13 12:0 a.m. | 49 views

Debian Security Advisory DSA 3763-1 (pdns-recursor - security update)

Florian Heinz and Martin Kluge reported that pdns-recursor, a recursive DNS server, parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a...

0.5 AI score | 0.07294 EPSS
Exploits: 0 | References: 1