8751 matches found

OpenVAS
added 2019/08/16 12:0 a.m. | 38 views

Fedora Update for edk2 FEDORA-2019-d47a9d4b8b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS | 6.7 AI score | 0.01338 EPSS
Exploits: 0 | References: 2

Fedora
added 2019/08/15 6:10 p.m. | 49 views

[SECURITY] Fedora 30 Update: edk2-20190501stable-2.fc30

EDK II is a development code base for creating UEFI drivers, applications and firmware images...

9.8 CVSS | 2.9 AI score | 0.01338 EPSS
Exploits: 0

Cvelist
added 2019/08/15 5:47 p.m. | 28 views

CVE-2019-9012

An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.2...

7.6 AI score | 0.01752 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2019/08/13 12:0 a.m. | 25 views

Atlassian Crowd 2.1.x < 3.0.5 RCE Vulnerability

According to its self-reported version number, the Atlassian Crowd application running on the remote host is 2.1.x prior to 3.0.5, 3.1.x prior to 3.1.6, 3.2.x prior to 3.2.8, 3.3.x prior to 3.3.5 or 3.4.x prior to 3.4.4. It is, therefore, affected by a remote code execution RCE vulnerability. An...

9.8 CVSS | 10 AI score | 0.95355 EPSS
Exploits: 6 | References: 2

Tenable Nessus
added 2019/08/13 12:0 a.m. | 27 views

Atlassian Crowd 3.4.x < 3.4.4 RCE Vulnerability

According to its self-reported version number, the Atlassian Crowd application running on the remote host is 2.1.x prior to 3.0.5, 3.1.x prior to 3.1.6, 3.2.x prior to 3.2.8, 3.3.x prior to 3.3.5 or 3.4.x prior to 3.4.4. It is, therefore, affected by a remote code execution RCE vulnerability. An...

9.8 CVSS | 10 AI score | 0.95355 EPSS
Exploits: 6 | References: 2

RedhatCVE
added 2019/08/12 10:20 a.m. | 23 views

CVE-2019-14940

In Storage Performance Development Kit SPDK before 19.07, a user of a vhost can cause a crash if the target is sent invalid input...

6.5 CVSS | 1.4 AI score | 0.01226 EPSS
Exploits: 0 | References: 3

NVD
added 2019/08/12 2:15 a.m. | 8 views

CVE-2019-14940

In Storage Performance Development Kit SPDK before 19.07, a user of a vhost can cause a crash if the target is sent invalid input...

6.5 CVSS | 6.5 AI score | 0.01226 EPSS
Exploits: 0 | References: 1

CVE
added 2019/08/12 1:36 a.m. | 101 views

CVE-2019-14940

CVE-2019-14940 affects SPDK prior to 19.07, where a user of a vhost can cause a crash by sending invalid input to the target. The root cause is an input validation issue in SPDK’s vhost handling, leading to an availability impact (crash) with network-accessible exposure implied by the CVSS data. ...

6.5 CVSS | 6.4 AI score | 0.01226 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2019/08/12 12:0 a.m. | 24 views

SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2019:2018-1)

This update for polkit fixes the following issues : Security issue fixed : CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826. Note that Tenable Network Security has extracted the preceding description block directly from...

6.7 CVSS | 6.8 AI score | 0.00446 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2019/08/12 12:0 a.m. | 29 views

SUSE SLED12 / SLES12 Security Update : bzip2 (SUSE-SU-2019:2013-1)

This update for bzip2 fixes the following issues : Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors bsc1139083. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

9.8 CVSS | 6.8 AI score | 0.08042 EPSS
Exploits: 0 | References: 4

Schneier on Security
added 2019/08/08 4:11 p.m. | 55 views

Supply-Chain Attack against the Electron Development Platform

Electron is a cross-platform development system for many popular communications apps, including Skype, Slack, and WhatsApp. Security vulnerabilities in the update system allows someone to silently inject malicious code into applications. From a news article: At the BSides LV security conference o...

6.7 AI score
Exploits: 0

Fedora
added 2019/08/08 1:53 a.m. | 45 views

[SECURITY] Fedora 29 Update: php-7.2.21-1.fc29

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5 CVSS | 0.4 AI score | 0.07065 EPSS
Exploits: 1

OpenVAS
added 2019/08/07 12:0 a.m. | 55 views

Debian: Security Advisory (DLA-1872-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.8 AI score | 0.03502 EPSS
Exploits: 0 | References: 3

Akamai Blog
added 2019/08/05 2:44 p.m. | 47 views

Three Keys to Infusing Security into your Corporate Culture

Creating a security-oriented culture is a challenge for many businesses. There's a natural tension between development teams, that are under constant pressure to get new applications and features to market as quickly as possible, and security teams that need to protect critical systems and...

1.3 AI score
Exploits: 0

CNVD
added 2019/08/05 12:0 a.m. | 2 views

IBM SDK, Java Technology Edition Privilege Vulnerability

IBM SDK, Java Technology Edition is a software development kit for Java application development from IBM, USA. An elevation of privilege vulnerability exists in IBM SDK, Java Technology Edition for AIX-based platforms, which can be exploited by a local attacker to inject code and elevate privileg...

8.4 CVSS | 7 AI score | 0.0045 EPSS
Exploits: 0 | References: 1

Kitploit
added 2019/08/02 1:8 p.m. | 115 views

W13Scan - Passive Security Scanner

W13scan is a proxy-based web scanner that runs on Linux/Windows/Mac systems. Begin Demo Pure Python and Python version = 3 Can you use star to encourage the author ? Install pip3 install w13scan Usage help w13scan -h running w13scan -s 127.0.0.1:7778 HTTPS Support If you want w13scan to support...

7.2 AI score
Exploits: 0 | References: 1

NVD
added 2019/07/31 6:15 p.m. | 14 views

CVE-2007-6763

SAS Drug Development SDD before 32DRG02 mishandles logout actions, which allows a user who was previously logged in to access resources by pressing a back or forward button in a web browser...

8.8 CVSS | 8.6 AI score | 0.0132 EPSS
Exploits: 0 | References: 1

Cvelist
added 2019/07/31 5:8 p.m. | 18 views

CVE-2007-6763

SAS Drug Development SDD before 32DRG02 mishandles logout actions, which allows a user who was previously logged in to access resources by pressing a back or forward button in a web browser...

8.7 AI score | 0.0132 EPSS
Exploits: 0 | References: 1

CVE
added 2019/07/31 5:8 p.m. | 92 views

CVE-2007-6763

CVE-2007-6763 concerns SAS Drug Development (SDD) prior to 32DRG02, which mishandles logout actions. According to the sources, a user who was previously authenticated can regain access to resources by using the browser’s back or forward buttons after logout. The vulnerability is described consist...

8.8 CVSS | 8.5 AI score | 0.0132 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Talos Blog
added 2019/07/30 9:34 a.m. | 165 views

New Re2PCAP tool speeds up PCAP process for Snort rules

By Amit Raut We often joke that for SNORT® rule development, you have to live by the saying “PCAP or it didn’t happen.” PCAP files are very important for Snort rule development, and a new tool from Cisco Talos called “Re2Pcap” allows users to generate a PCAP file in seconds just from a raw HTTP...

7.5 AI score
Exploits: 0