Lucene search
K

174 matches found

MSRC
MSRC
added 2019/04/02 10:32 p.m.87 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2018/10/20 12:25 p.m.318 views

Munin - Online Hash Checker For Virustotal And Other Services

Munin is a online hash checker utility that retrieves valuable information from various online sources The current version of Munin queries the following services: Virustotal Malshare HybridAnalysis Note: Munin is based on the script "VT-Checker", which has been maintained in the LOKI repository...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2018/06/04 12:0 a.m.4 views

Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15887)

The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "Delete Duplicates" method in Quest DR Series Disk Backup Software versions prior to 4.0.3.1. An attacker could exploit this vulnerability to execute system commands...

8.8CVSS9.1AI score0.04602EPSS
Exploits2References1
OSV
OSV
added 2018/03/22 12:29 p.m.6 views

CVE-2018-1426

IBM GSKit IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 duplicates the PRNG state across fork system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071...

9.1CVSS5.8AI score0.0251EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/28 12:0 a.m.161 views

FreeBSD : OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (5b74a5bc-348f-11e5-ba05-c80aa9043978)

It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks. %NASLMINLEVEL 70300 C Tenable Network...

8.5CVSS6.4AI score0.09302EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/10/20 5:55 p.m.35 views

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

3.5CVSS7.2AI score0.01914EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2014/02/19 12:0 a.m.35 views

Giftcard Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Since November 2013 I reported seven Cross-site Scripting vulnerabilities to the Giftcard Bug Bounty Program. Sadly, only one of them wasn't a duplicate :-/. Strange? Perhaps, but not impossible given the simplicity of the vulnerabilities. But what I...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/09/12 7:40 p.m.8 views

kernel: taskstats: duplicate entries in listener mode can lead to DoS

The adddellistener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service memory and CPU consumption, and bypass the OOM Killer, via a crafted application...

4.9CVSS7.3AI score0.00388EPSS
Exploits1References4
Saint
Saint
added 2011/05/16 12:0 a.m.41 views

Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS7.3AI score0.17936EPSS
Exploits6
Prion
Prion
added 2010/08/16 3:14 p.m.20 views

Code injection

Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified use of the 1 Reports or 2 Duplicates page...

5CVSS6.9AI score0.01411EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/08/13 12:0 a.m.29 views

Bugzilla < 3.2.8 / 3.4.8 / 3.6.2 / 3.7.3 Multiple Vulnerabilities

Binary data 5627.prm...

6.5CVSS6.8AI score0.02046EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2009/09/02 8:0 a.m.5 views

OpenSSL: DTLS fragment handling memory DoS

Multiple memory leaks in the dtls1processoutofseqmessage function in ssl/d1both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service memory consumption via DTLS records that 1 are duplicates or 2 have sequence numbers much greater than current sequenc...

5CVSS7AI score0.12746EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2007/08/21 12:0 a.m.36 views

Fedora Core 6 : openssl-0.9.8b-14.fc6 (2007-661)

Fri Aug 3 2007 Tomas Mraz 0.9.8b-14 - use localhost in testsuite, hopefully fixes slow build in koji - CVE-2007-3108 - fix side channel attack on private keys 250577 - make ssl session cache id matching strict 233599 - Wed Jul 25 2007 Tomas Mraz 0.9.8b-13 - allow building on ARM architectures...

1.2CVSS7.1AI score0.00409EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.7 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Rows per page
Query Builder