Lucene search
K

2119 matches found

OpenVAS
OpenVAS
added 2015/11/16 12:0 a.m.21 views

Debian Security Advisory DSA 3398-1 (strongswan - security update)

Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without...

5CVSS0.3AI score0.02582EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/11/04 12:0 a.m.26 views

Debian Security Advisory DSA 3392-1 (freeimage - security update)

Pengsu Cheng discovered that FreeImage, a library for graphic image formats, contained multiple integer underflows that could lead to a denial of service: remote attackers were able to trigger a crash by supplying a specially crafted image. OpenVAS Vulnerability Test $Id: deb3392.nasl 6609...

5CVSS0.02975EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/31 12:0 a.m.50 views

Debian Security Advisory DSA 3385-1 (mariadb-10.0 - security update)

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.22. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10021-release-notes...

7.2CVSS7.4AI score0.30146EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2015/10/30 9:37 a.m.14 views

CVE-2008-5394

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...

7.2CVSS7AI score0.00949EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2015/10/30 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow attackers to compromise security of information

The multiple vulnerabilities of the ibfillisqlda function in the DBD-Firebird database driver for the Debian GNU/Linux operating system are caused by a buffer overflow in the stack. Exploitation of these vulnerabilities could allow an attacker to compromise security measures...

10CVSS5.9AI score0.04246EPSS
Exploits0References7Affected Software2
OpenVAS
OpenVAS
added 2015/10/29 12:0 a.m.29 views

Debian Security Advisory DSA 3384-1 (virtualbox - security update)

Two vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution. OpenVAS Vulnerability Test $Id: deb3384.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3384-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c...

5CVSS7.6AI score0.03667EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.34 views

Debian Security Advisory DSA 3370-1 (freetype - security update)

It was discovered that FreeType did not properly handle some malformed inputs. This could allow remote attackers to cause a denial of service crash via crafted font files. OpenVAS Vulnerability Test $Id: deb3370.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3370-1 usi...

7.5CVSS0.03734EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.31 views

Debian DSA-3367-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

4.3CVSS6AI score0.03241EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2015/09/25 12:0 a.m.23 views

Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)

It was discovered that cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, does not properly handle certain invalid password salts. A remote attacker can take advantage of this flaw to cause a denial of service. OpenVAS Vulnerability Test $Id: deb3368.nasl 6609...

4.3CVSS0.1AI score0.03589EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2015/09/20 12:0 a.m.23 views

Debian Security Advisory DSA 3363-1 (owncloud-client - security update)

Johannes Kliemann discovered a vulnerability in ownCloud Desktop Client, the client-side of the ownCloud file sharing services. The vulnerability allows man-in-the-middle attacks in situations where the server is using self-signed certificates and the connection is already established. If the use...

2.6CVSS6.2AI score0.00825EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/05 12:0 a.m.31 views

Debian Security Advisory DSA 3353-1 (openslp-dfsg - security update)

Qinghao Tang of QIHU 360 discovered a double free flaw in OpenSLP, an implementation of the IETF Service Location Protocol. This could allow remote attackers to cause a denial of service crash. OpenVAS Vulnerability Test $Id: deb3353.nasl 7739 2017-11-13 05:04:18Z teissa $ Auto-generated from...

5CVSS7.3AI score0.0631EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/08/24 12:0 a.m.18 views

Debian DLA-296-1 : extplorer security update

Multiple cross-site scripting XSS vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has...

4.3CVSS5.4AI score0.01187EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/08/24 12:0 a.m.61 views

Debian DSA-3340-1 : zendframework - security update

Dawid Golunski discovered that when running under PHP-FPM in a threaded environment, Zend Framework, a PHP framework, did not properly handle XML data in multibyte encoding. This could be used by remote attackers to perform an XML External Entity attack via crafted XML data. %NASLMINLEVEL 70300 C...

6.8CVSS8AI score0.09911EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2015/08/19 12:0 a.m.53 views

Debian Security Advisory DSA 3340-1 (zendframework - security update)

Dawid Golunski discovered that when running under PHP-FPM in a threaded environment, Zend Framework, a PHP framework, did not properly handle XML data in multibyte encoding. This could be used by remote attackers to perform an XML External Entity attack via crafted XML data. OpenVAS Vulnerability...

6.8CVSS0.3AI score0.09911EPSS
Exploits7References1
OpenVAS
OpenVAS
added 2015/08/12 12:0 a.m.34 views

Debian Security Advisory DSA 3334-1 (gnutls28 - security update)

Kurt Roeckx discovered that decoding a specific certificate with very long DistinguishedName DN entries leads to double free. A remote attacker can take advantage of this flaw by creating a specially crafted certificate that, when processed by an application compiled against GnuTLS, could cause t...

5CVSS6.4AI score0.1903EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/08/07 12:0 a.m.6 views

The vulnerability of the Debian GNU/Linux operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the bufferslowrealign function in the HAProxy package for the Debian GNU/Linux operating system arises due to overflow in the buffer in dynamic memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information throu...

5CVSS5.7AI score0.04274EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2015/08/03 12:0 a.m.20 views

Debian Security Advisory DSA 3327-1 (squid3 - security update)

Alex Rousskov of The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not correctly handle CONNECT method peer responses when configured with cachepeer and operating on explicit proxy traffic. This could allow remote clients to gain unrestricted access through a...

6.8CVSS0.1AI score0.16525EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2015/07/31 12:0 a.m.7 views

The vulnerability of the Debian GNU/Linux operating system allows a perpetrator to execute arbitrary code or cause service interruptions.

The vulnerability of the WriteProlog function in the printing subsystem of the Debian GNU/Linux operating system is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by using a specially crafted...

7.5CVSS8AI score0.08295EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2015/07/28 12:0 a.m.26 views

Debian Security Advisory DSA 3319-1 (bind9 - security update)

Jonathan Foote discovered that the BIND DNS server does not properly handle TKEY queries. A remote attacker can take advantage of this flaw to mount a denial of service via a specially crafted query triggering an assertion failure and causing BIND to exit. OpenVAS Vulnerability Test $Id:...

7.8CVSS0.7AI score0.91284EPSS
Exploits12References1
OpenVAS
OpenVAS
added 2015/07/25 12:0 a.m.38 views

Debian Security Advisory DSA 3316-1 (openjdk-7 - security update)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography. OpenVAS Vulnerability Test $Id: deb3316.nasl 660...

10CVSS0.8AI score0.9986EPSS
Exploits1References1
Rows per page
Query Builder