Lucene search
K

2590 matches found

CNVD
CNVD
added 2015/08/04 12:0 a.m.4 views

IBM WebSphere eXtreme Scale Denial of Service Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution from IBM USA. The solution provides high-performance, scalable caching framework and grid technology to handle massive transactions, reduce database performance limitations and so on. A security vulnerability exists in IBM WebSphere...

5CVSS6.7AI score0.01242EPSS
Exploits0References1
exploitpack
exploitpack
added 2015/07/10 12:0 a.m.27 views

NTPD - MON_GETLIST Query Amplification Denial of Service

NTPD - MONGETLIST Query Amplification Denial of Service !/usr/bin/perl ntp MONGETLIST query amplification ddos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg A Network Time Protocol NTP Amplification attack is an emergin...

Exploits0
Cisco Threats
Cisco Threats
added 2015/06/30 1:19 p.m.9 views

Threat Outbreak Alert RuleID15980: Email Messages Distributing Malicious Software on October 7, 2015

Medium Alert ID: 39551 First Published: 2015 June 30 13:19 GMT Last Updated: 2015 October 7 19:54 GMT Version: 14 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID15980 and...

6.9AI score
Exploits0
CNVD
CNVD
added 2015/06/24 12:0 a.m.3 views

Elasticsearch Arbitrary Code Execution Vulnerability

Elasticsearch is a set of open source distributed RESTful search engine built on Lucene , it is mainly used in cloud computing , and supports data indexing via HTTP using JSON . A security vulnerability exists in Elasticsearch that allows a remote attacker to submit a special request to execute...

7.5CVSS7.8AI score0.0445EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.6 views

The vulnerability of the distributed network access control device of SolarWinds Firewall Security Manager allows a hacker to elevate their privileges and execute arbitrary code within the client session.

The vulnerability of the userlogin.jsp module in the SolarWinds Firewall Security Manager distributed network access control system allows a malicious actor to escalate their privileges and execute arbitrary code within the client session...

10CVSS5.9AI score0.74206EPSS
Exploits4References1Affected Software1
Kitploit
Kitploit
added 2015/06/04 10:59 p.m.63 views

I2P - The Invisible Internet Project

I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other. The network itself is strictly message based a la IP, but there is a library available to allow reliable streaming communication on top of it a la TCP. All...

7.4AI score
Exploits0
Debian
Debian
added 2015/06/04 7:24 a.m.60 views

[SECURITY] [DLA 237-1] mercurial security update

Package : mercurial Version : 1.6.4-1+deb6u1 CVE ID : CVE-2014-9390 CVE-2014-9462 CVE-2014-9462 Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command...

9.8CVSS7.2AI score0.63178EPSS
Exploits6
CNVD
CNVD
added 2015/05/28 12:0 a.m.2 views

Multiple IBM Product Denial of Service Vulnerabilities (CNVD-2015-03487)

IBM manufactures and sells computer hardware and software, and provides consulting services for systems architecture and web hosting. Common Inventory Technology CIT versions prior to 2.7.0.2050 are used in IBM License Metric Tool versions 7.2.2, 7.5 and 9, Endpoint Manger for Software Use Analys...

5CVSS6.6AI score0.01256EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/28 12:0 a.m.2 views

Multiple IBM Product Denial of Service Vulnerabilities (CNVD-2015-03496)

IBM manufactures and sells computer hardware and software, and provides consulting services for systems architecture and web hosting. Common Inventory Technology CIT versions prior to 2.7.0.2050 are used in IBM License Metric Tool versions 7.2.2, 7.5 and 9, Endpoint Manger for Software Use Analys...

5CVSS6.6AI score0.01256EPSS
Exploits0References1
Fedora
Fedora
added 2015/05/26 3:45 a.m.24 views

[SECURITY] Fedora 22 Update: quassel-0.11.0-2.fc22

Quassel IRC is a modern, distributed IRC client, meaning that one or multiple clients can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical...

5CVSS2.2AI score0.02795EPSS
Exploits0
Debian
Debian
added 2015/05/12 7:40 p.m.27 views

[SECURITY] [DSA 3258-1] quassel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3258-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 12, 2015 http://www.debian.org/security/faq -...

7.5CVSS6.2AI score0.0211EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/05/12 12:0 a.m.23 views

Debian Security Advisory DSA 3258-1 (quassel - security update)

It was discovered that the fix for CVE-2013-4422 in quassel, a distributed IRC client, was incomplete. This could allow remote attackers to inject SQL queries after a database reconnection e.g. when the backend PostgreSQL server is restarted. OpenVAS Vulnerability Test $Id: deb3258.nasl 6609...

7.5CVSS0.6AI score0.0211EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/12 12:0 a.m.30 views

Debian DSA-3257-1 : mercurial - security update

Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS7.3AI score0.63178EPSS
Exploits6References6
OpenVAS
OpenVAS
added 2015/04/29 12:0 a.m.32 views

Debian Security Advisory DSA 3241-1 (elasticsearch - security update)

John Heasman discovered that the site plugin handling of the Elasticsearch search engine was susceptible to directory traversal. OpenVAS Vulnerability Test $Id: deb3241.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3241-1 using nvtgen 1.0 Script version: 1.0 Author:...

4.3CVSS9.4AI score0.33129EPSS
Exploits5References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the operating system openSUSE, which allow a malicious individual to compromise the accessibility of protected information

The drbd-kmp-trace package of the OpenSUSE operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS5.8AI score0.04268EPSS
Exploits5References7Affected Software1
OSV
OSV
added 2015/04/16 4:59 p.m.3 views

UBUNTU-CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA...

4CVSS6.7AI score0.02298EPSS
Exploits0References3
Fedora
Fedora
added 2015/03/13 4:56 p.m.34 views

[SECURITY] Fedora 20 Update: nodejs-0.10.36-3.fc20

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

10CVSS1.6AI score0.99999EPSS
Exploits7
Fedora
Fedora
added 2015/02/28 10:22 a.m.38 views

[SECURITY] Fedora 21 Update: nodejs-0.10.36-3.fc21

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

10CVSS1.6AI score0.99999EPSS
Exploits7
OpenVAS
OpenVAS
added 2015/02/02 12:0 a.m.19 views

Debian Security Advisory DSA 3149-1 (condor - security update)

Florian Weimer, of Red Hat Product Security, discovered an issue in condor, a distributed workload management system. Upon job completion, it can optionally notify a user by sending an email; the mailx invocation used in that process allowed for any authenticated user able to submit jobs, to...

8.9AI score0.0308EPSS
Exploits0References1
OSV
OSV
added 2015/02/02 12:0 a.m.18 views

DSA-3149-1 condor - security update

Bulletin has no description...

8.8CVSS8.6AI score0.0308EPSS
Exploits0
Rows per page
Query Builder