8698 matches found

Tenable Nessus
added 2015/03/19 12:0 a.m. | 39 views

OpenSSL < 0.9.8zf / 1.0.0r / 1.0.1m / 1.0.2a Multiple Vulnerabilities

Binary data 801937.prm...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.21247
Exploits: 0 | References: 7
WPVulnDB
added 2015/03/19 12:0 a.m. | 56 views

All-in-One WP Migration <= 2.0.4 - Unauthenticated Database Export

Unauthenticated users can export a complete copy of the WordPress database, all plugins, themes, and uploaded files...

AI score: 2.6
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2015/03/19 12:0 a.m. | 43 views

DSA-3197-1 openssl - security update

Bulletin has no description...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.44503
Exploits: 1
OSV
added 2015/03/18 12:0 a.m. | 4 views

UBUNTU-CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.03152
Exploits: 0 | References: 3
Tenable Nessus
added 2015/03/18 12:0 a.m. | 44 views

CentOS 7 : libabw / libcmis / libetonyek / libfreehand / liblangtag / libmwaw / libodfgen / etc (CESA-2015:0377)

Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which...

CVSS: 10 | AI score: 8 | EPSS: 0.09864
Exploits: 0 | References: 12
Tenable Nessus
added 2015/03/13 12:0 a.m. | 70 views

McAfee Firewall Enterprise OpenSSL Multiple Vulnerabilities (SB10102) (FREAK)

The remote host has a version of McAfee Firewall Enterprise installed that is affected by multiple vulnerabilities in the OpenSSL library : - A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an...

CVSS: 5 | AI score: 7.3 | EPSS: 0.98685
Exploits: 0 | References: 10
CNVD
added 2015/03/12 12:0 a.m. | 2 views

Multiple Apple products are vulnerable to information leakage

Apple iOS is an operating system for handheld devices developed by Apple Inc. An information disclosure vulnerability exists in Apple iOS prior to 8.1.3, Apple OS X prior to 10.10.2, and Apple TV prior to 7.0.3 that allows attackers to conduct a password downgrade attack via crafted TLS traffic...

AI score: 6
Exploits: 0 | References: 1
CNVD
added 2015/03/12 12:0 a.m. | 1 views

Unspecified Vulnerability in Secure Transport for Multiple Apple Products

Apple iOS, Apple TV, and Apple OS X are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition television set-top box; and Apple OS X is a specialized operating system developed for Mac computers. A security vulnerability exists in Secu...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.19633
Exploits: 1 | References: 1
Patchstack
added 2015/03/12 12:0 a.m. | 10 views

WordPress Custom Field Suite Plugin <= 2.4 - Insufficient Authorisation

Because of this vulnerability, an attacker can import and export custom fields. Solution: Update the plugin...

AI score: 3.7
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2015/03/10 12:0 a.m. | 74 views

MS15-031: Vulnerability in Schannel Could Allow Security Feature Bypass (3046049) (FREAK)

The remote Windows host is affected by a security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.13151
Exploits: 0 | References: 3
CNVD
added 2015/03/06 12:0 a.m. | 1 views

ETouch Systems SamePage Enterprise Edition Directory Traversal Vulnerability

ETouch Systems SamePage Enterprise Edition is an enterprise version of the Wiki WiKi solution for wikis and blogs from ETouch Systems, USA. The solution supports team collaboration, role management and document management. A directory traversal vulnerability exists in the cm/newui/blog/export.jsp...

CVSS: 4 | AI score: 7 | EPSS: 0.06611
Exploits: 1 | References: 1
CNVD
added 2015/03/06 12:0 a.m. | 2 views

CRLF Injection Vulnerability in Multiple Sierra Wireless AirCard Products

The Sierra Wireless AirCard 760S, 762S and 763S are mobile broadband devices from Sierra Wireless Canada. A CRLF injection vulnerability exists in the export.cfg file in the web-based management console of multiple Sierra Wireless AirCard products. A remote attacker could exploit this vulnerabili...

CVSS: 4.3 | AI score: 7.5 | EPSS: 0.01022
Exploits: 1 | References: 1
myhack58
added 2015/03/06 12:0 a.m. | 15 views

CVE-2015-0204 OpenSSL FREAK Attack vulnerability detection methods and repair recommendations-vulnerability warning-the black bar safety net

0×01 Introduction Near the Lantern Festival on the occasion, OpenSSL and because of the FREAK attack (also known as the Factoring Attack on RSA-EXPORT Keys vulnerability or CVE-2015-0204). the vulnerability fights uproar. Apple and Google are in on Tuesday indicated that they are fixing the...

AI score: 0.2
Exploits: 0
FreeBSD
added 2015/03/06 12:0 a.m. | 17 views

mono -- TLS bugs

The Mono project reports: Mono’s implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. Details of this vulnerability are discussed in SKIP-TLS post. Mono’s implementation of SSL/TLS also contained...

AI score: 1.9
Exploits: 0 | References: 1
ThreatPost
added 2015/03/05 4:19 p.m. | 66 views

Microsoft Schannel Vulnerable to FREAK

Microsoft today issued an advisory warning Windows users that Secure Channel, or Schannel, the Windows implementation of SSL/TLS, is vulnerable to the FREAK attack. Disclosed this week, FREAK (CVE-2015-1637) is the latest big Internet bug. It affects a number of SSL clients, including OpenSSL, and...

CVSS: 4.3 | AI score: 1.3 | EPSS: 0.13151
Exploits: 0 | References: 4
MSRC
added 2015/03/05 8:0 a.m. | 8 views

Security Advisory 3046015 released

Today, we released Security Advisory 3046015 to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” (Factoring attack on RSA-EXPORT Keys). Our investigation continues and we’ll take the necessary steps to protect our customers. MSRC Team...

AI score: 7
Exploits: 0
CNVD
added 2015/03/05 12:0 a.m. | 1 views

SSL/TLS Cryptographic Degradation Man-in-the-Middle Hijacking Vulnerability

SSL/TLS is a cryptographic application. SSL/TLS has a security vulnerability that can lead to an attack known as FREAK (Factoring RSA Export Keys), which can be exploited by an attacker to reduce the level of encryption and decrypt communications through a man-in-the-middle attack...

AI score: 6.8
Exploits: 0 | References: 1
CNVD
added 2015/03/05 12:0 a.m. | 3 views

PHP address book has multiple SQL injection and multiple cross-site scripting vulnerabilities

PHP Address Book Address Book is a PHP development of a simple Web-based address book, contact management applications, support groups, addresses, e-mail, telephone numbers and birthday information; can be exported to vCard and CSV, integrated with Gmail, Google and Yahoo maps, the databa...

CVSS: 4.3 | AI score: 7.4 | EPSS: 0.02398
Exploits: 1 | References: 1
The Hacker News
added 2015/03/03 8:30 p.m. | 76 views

'FREAK' — New SSL/TLS Vulnerability Explained

Another new widespread and disastrous SSL/TLS vulnerability has been uncovered that for over a decade left Millions of users of Apple and Android devices vulnerable to man-in-the-middle attacks on encrypted traffic when they visited supposedly 'secured' websites, including the official websites o...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.98685
Exploits: 0
ATTACKERKB
added 2015/02/24 5:59 p.m. | 3 views

CVE-2015-2071

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter...

CVSS: 4 | AI score: 5.8 | EPSS: 0.06611
Exploits: 1 | References: 6