
4420 matches found

RedHat Linux
added 2020/12/15 3:21 p.m. | 439 views

Moderate: Red Hat Security Advisory: samba security and bug fix update

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 10 | AI score 7.1 | EPSS 0.99512
Exploits 75 | References 8

Packet Storm
added 2020/12/09 12:0 a.m. | 506 views

Tibco ObfuscationEngine 5.11 Fixed Key Password Decryption

Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...

AI score 0.3
Exploits 0

Gitee
added 2020/12/05 1:22 p.m. | 3 views

pentest-wiki

This repository is an information gathering library for penetration testers and researchers, containing various tools and documentation for gathering information about a target organization. The repository includes scripts and guides for performing whois searches, querying whois databases, and...

AI score 6.9
Exploits 0

OPENSUSE Linux
added 2020/12/04 12:0 a.m. | 39 views

Security update for neomutt (moderate)

openSUSE Security Update: Security update for neomutt Announcement ID: openSUSE-SU-2020:2158-1 Rating: moderate References: 1172906 1172935 1173197 1179035 1179113 Cross-References: CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 CVE-2020-28896 Affected Products: openSUSE Backports SLE-15-SP2 An...

CVSS 5.9 | AI score 6.4 | EPSS 0.02323
Exploits 0 | References 5

Kitploit
added 2020/12/01 8:30 p.m. | 51 views

Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features 500+ Policies for...

AI score 7.8
Exploits 0 | References 3

OSV
added 2020/12/01 8:25 p.m. | 19 views

GHSA-384W-5V3F-Q499 Base class whitelist configuration ignored in OAuthenticator

Impact What goes wrong? The deprecated (in jupyterhub 1.2) configuration Authenticator.whitelist, which should be transparently mapped to Authenticator.allowed_users with a warning, is instead ignored by OAuthenticator classes, resulting in the same behavior as if this configuration has not been set...

CVSS 8.3 | AI score 6.1 | EPSS 0.01108
Exploits 0 | References 7

Tenable Nessus
added 2020/11/30 12:0 a.m. | 310 views

CentOS 7 : python (RHSA-2020:3911)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3911 advisory. - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in...

CVSS 6.1 | AI score 7.1 | EPSS 0.04653
Exploits 1 | References 2

OSV
added 2020/11/29 12:0 p.m. | 27 views

RUSTSEC-2020-0075 Unexpected panic when decoding tokens

Prior to 0.10.0 it was possible to have both decoding functions panic unexpectedly, by supplying tokens with an incorrect base62 encoding. The documentation stated that an error should have been reported instead...

CVSS 5.5 | AI score 5.4 | EPSS 0.00465
Exploits 1 | References 3

Photon
added 2020/11/25 12:0 a.m. | 40 views

PHSA-2020-1.0-0340

An update of 'postgresql' packages of Photon OS has been released...

CVSS 6.8 | AI score 0.9 | EPSS 0.4644
Exploits 0

Packet Storm
added 2020/11/25 12:0 a.m. | 1110 views

Kong Gateway Admin API Remote Code Execution

frozen_string_literal: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kong Gateway Admin API Remote Code Execution', 'Description' = ' This module uses the Kong admin API to create a route...

AI score 0.5
Exploits 0

RedHat Linux
added 2020/11/23 6:58 p.m. | 76 views

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 5.5 | AI score 6.3 | EPSS 0.0051
Exploits 0 | References 4

RedHat Linux
added 2020/11/23 6:1 p.m. | 97 views

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 5.5 | AI score 6.3 | EPSS 0.0051
Exploits 0 | References 4

RedHat Linux
added 2020/11/23 5:49 p.m. | 63 views

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 5.5 | AI score 6.3 | EPSS 0.0051
Exploits 0 | References 4

Citrix
added 2020/11/20 12:0 a.m. | 9 views

PVS Accelerator - For Citrix Hypervisor 8.2

Who Should Install This Update? This PVS Accelerator update is for customers who use the PVS Accelerator provided with Citrix Hypervisor 8.2. It constitutes the following deliverable: File Name| CitrixHypervisor-8.2.0-pvsaccelerator.iso ---|--- Description| This file updates the PVS Accelerator...

AI score 7.1
Exploits 0

OpenVAS
added 2020/11/20 12:0 a.m. | 7 views

GaussDB Kernel: Documenting Database Templates

All database templates must be documented. You need to carefully check any database templates without specific use. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

AI score 7.2
Exploits 0

Cent OS
added 2020/11/19 1:47 p.m. | 290 views

microcode_ctl security update

CentOS Errata and Security Advisory CESA-2020:5083 An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

CVSS 5.5 | AI score 6.3 | EPSS 0.0051
Exploits 0 | References 7

Cisco
added 2020/11/18 4:0 p.m. | 131 views

Cisco Expressway Software TURN Server Configuration Issue

The Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software supports the relay of media connections through a firewall using proxy services. As a result of this feature, interfaces such as the Cisco Expressway web administrative interface may become accessible from...

AI score 6.6
Exploits 0 | References 1

Oracle linux
added 2020/11/17 12:0 a.m. | 51 views

microcode_ctl security, bug fix and enhancement update

4:20200609-2.20201027.1.0.1 - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 4:20200609-2.20201027.1 - Update Intel CPU microcode to microcode-20201027 release, addresses CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698 1893265, 1893253,...

CVSS 5.5 | AI score 1.1 | EPSS 0.0051
Exploits 0

OSV
added 2020/11/16 8:7 p.m. | 304 views

GHSA-MW36-7C6C-Q4Q2 XStream can be used for Remote Code Execution

Impact The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Patches If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.14. Workarounds No user is affected, who...

CVSS 8 | AI score 9.1 | EPSS 0.85001
Exploits 7 | References 17

Github Security Blog
added 2020/11/16 8:7 p.m. | 106 views

XStream can be used for Remote Code Execution

Impact The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Patches If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.14. Workarounds No user is affected, who...

CVSS 9.3 | AI score 0.7 | EPSS 0.85001
Exploits 7 | References 17 | Affected Software 1