Lucene search
K

2317 matches found

ICS
ICS
added 2017/03/28 12:0 a.m.73 views

Siemens RUGGEDCOM ROX I

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: RUGGEDCOM ROX I Vulnerabilities: Improper Authorization, Cross-Site Scripting, and Cross-Site Request Forgery AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following RUGGEDCOM...

8.8CVSS7.7AI score0.01395EPSS
Exploits0References3
NVD
NVD
added 2017/03/08 1:59 a.m.18 views

CVE-2017-0455

An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...

9.3CVSS7.1AI score0.0167EPSS
Exploits0References5
ICS
ICS
added 2017/03/02 12:0 a.m.67 views

ICSA-17-061-01_Eaton xComfort Ethernet Communication Interface

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Eaton Equipment: xComfort Ethernet Communication Interface Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of xComfort Ethernet Communication Interface ECI, a building automation system...

7.5CVSS7.8AI score0.01262EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/02/08 3:0 p.m.26 views

CVE-2017-0424

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it is a general bypass for a user level defense in depth or exploit mitigation technology ...

5.3AI score0.00802EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2017/01/26 12:0 a.m.4 views

January 26, 2017—KB 3216755 (OS Build 14393.726)

None None...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/26 12:0 a.m.4 views

January 26, 2017—KB 3216755 (OS Build 14393.726)

None None...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/21 12:0 a.m.47 views

F5 Networks BIG-IP : libxml2 vulnerabilities (K54225343)

CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document CVE-2016-3705 The 1...

7.5CVSS6.9AI score0.07025EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.6 views

libxml2: stack overflow before detecting invalid XML file

Missing incrementation of recursion depth counter were found in the xmlParserEntityCheck and xmlParseAttValueComplex functions used for parsing XML data. An attacker could launch a Denial of Service attack by passing specially crafted XML data to an application, forcing it to crash due to stack...

7.5CVSS7.1AI score0.05103EPSS
Exploits0References4
ICS
ICS
added 2016/11/08 12:0 a.m.190 views

Phoenix Contact ILC PLC Authentication Vulnerabilities

OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...

7.5CVSS0.8AI score0.11199EPSS
Exploits8References19
Kitploit
Kitploit
added 2016/10/31 2:14 p.m.17 views

Lynis 2.4.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2016/08/15 3:35 p.m.13 views

Latest Windows UAC Bypass Permits Code Execution

Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk. This time, the bypass relies on Event Viewer eventvwr.exe, a native Windows feature used to...

0.4AI score
Exploits0References3
Kitploit
Kitploit
added 2016/08/10 4:30 a.m.14 views

Lynis 2.3.2 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2016/08/09 12:0 a.m.42 views

Wireshark Multiple Denial of Service Vulnerabilities-01 (Aug 2016) - Mac OS X

Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS6.6AI score0.07598EPSS
Exploits1References5
OSV
OSV
added 2016/08/06 11:59 p.m.3 views

DEBIAN-CVE-2016-6513

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.9CVSS5.4AI score0.02071EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2016/08/06 11:0 p.m.61 views

CVE-2016-6513

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.9CVSS5.8AI score0.02071EPSS
Exploits0
ICS
ICS
added 2016/08/05 6:0 a.m.57 views

IBHsoftec S7-SoftPLC CPX43 Heap-based Buffer Overflow Vulnerability

OVERVIEW Ariele Caltabiano kimiya working with Trend Micro’s Zero Day Initiative has identified a buffer overflow vulnerability in IBHsoftec’s S7-SoftPLC. IBHsoftec has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS IBHsoft...

10CVSS10AI score0.02424EPSS
Exploits0References10
n0where
n0where
added 2016/08/02 4:50 p.m.21 views

Scrapy Python Crawler: Crawlpy

Python web spider/crawler based on scrapy with support for POST/GET login, variable level of recursions/depth and optionally save to disk. Requirements python 2.7 lxml pip pip install Scrapy Features POST/GET Login prior crawling Can handle logins that requires dynamic CSRF token Variable level o...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2016/07/13 7:32 p.m.30 views

Lynis 2.3.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/06/24 12:0 a.m.141 views

Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1292 advisory. - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711:...

10CVSS7.1AI score0.1398EPSS
Exploits11References15
RedHat Linux
RedHat Linux
added 2016/06/23 10:32 a.m.5 views

libxml2: stack overflow before detecting invalid XML file

Missing incrementation of recursion depth counter were found in the xmlParserEntityCheck and xmlParseAttValueComplex functions used for parsing XML data. An attacker could launch a Denial of Service attack by passing specially crafted XML data to an application, forcing it to crash due to stack...

7.5CVSS7.1AI score0.05103EPSS
Exploits0References4
Rows per page
Query Builder