Lucene search
K

666 matches found

RedHat Linux
RedHat Linux
added 2018/01/04 5:49 a.m.6 views

hw: cpu: speculative execution permission faults handling

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS6.8AI score0.84172EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.155 views

RHEL 7 : kernel (RHSA-2018:0010)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0010 advisory. - hw: cpu: speculative execution bounds-check bypass CVE-2017-5753 - hw: cpu: speculative execution permission faults handling CVE-2017-5754...

5.6CVSS7.7AI score0.93838EPSS
Exploits10References11
RedHat Linux
RedHat Linux
added 2018/01/03 11:16 p.m.5 views

hw: cpu: speculative execution permission faults handling

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS6.8AI score0.84172EPSS
Exploits3References8
Positive Technologies
Positive Technologies
added 2017/11/20 12:0 a.m.5 views

PT-2017-15604 · Libxls · Libxls

Name of the Vulnerable Software and Affected Versions: libxls versions 1.3.4 through 1.4.0 Description: An out-of-bounds write vulnerability exists in the xls mergedCells function of libxls, allowing a specially crafted XLS file to cause memory corruption, potentially resulting in remote code...

8.8CVSS8.4AI score0.02771EPSS
Exploits9References34
Debian
Debian
added 2017/07/30 4:22 p.m.39 views

[SECURITY] [DLA 1045-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u8 CVE ID : CVE-2017-10799 CVE-2017-11102 CVE-2017-11140 CVE-2017-11403 CVE-2017-11636 CVE-2017-11637 CVE-2017-11638 CVE-2017-11641 CVE-2017-11642 CVE-2017-11643 Debian Bug : 867077 867746 870149 Multiple security vulnerabilities, NULL pointer...

9.8CVSS8.3AI score0.2831EPSS
Exploits0
CNVD
CNVD
added 2017/07/12 12:0 a.m.2 views

Microsoft Windows Graphics Component Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Graphics is one of the graphics driver components. An elevated privilege vulnerability exists in Graphics in Microsoft Windows, which stems from the Graphics component failing to properly handle objec...

7CVSS7.4AI score0.00967EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/04/29 12:0 a.m.17 views

libetpan -- null dereference vulnerability in MIME parsing component

rwhitworth reports: I was using American Fuzzy Lop afl-fuzz to fuzz input to the mime-parse test program. Is fixing these crashes something you're interested in? The input files can be found here: https://github.com/rwhitworth/libetpan-fuzz/. The files can be executed as ./mime-parse idfilename t...

7.5CVSS1.1AI score0.01836EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/03/20 12:0 a.m.17 views

FreeBSD : irssi -- use-after-free potential code execution (06f931c0-0be0-11e7-b4bf-5404a68ad561)

The irssi project reports : Use after free while producing list of netjoins CWE-416. This issue was found and reported to us by APic. This issue usually leads to segmentation faults. Targeted code execution should be difficult. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

9.8CVSS8.4AI score0.0336EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/03/11 12:0 a.m.18 views

irssi -- use-after-free potential code execution

The irssi project reports: Use after free while producing list of netjoins CWE-416. This issue was found and reported to us by APic. This issue usually leads to segmentation faults. Targeted code execution should be difficult...

9.8CVSS4.6AI score0.0336EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/12/27 12:0 a.m.46 views

Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)

Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...

10CVSS7.5AI score0.97485EPSS
Exploits13References34
OpenVAS
OpenVAS
added 2016/12/24 12:0 a.m.43 views

Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)

Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...

10CVSS1AI score0.97485EPSS
Exploits13References1
OpenVAS
OpenVAS
added 2016/12/23 12:0 a.m.36 views

Debian: Security Advisory (DSA-3746-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.97485EPSS
Exploits13References5
BDU FSTEC
BDU FSTEC
added 2016/08/16 12:0 a.m.4 views

The vulnerability of the Windows operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Windows operating system’s kernel is related to the improper handling of system call errors during page faults. Exploiting this vulnerability can allow an attacker, operating locally, to obtain confidential information through a specially created application...

2.1CVSS5.8AI score0.43284EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

The vulnerability in Adobe AIR allows an attacker to execute arbitrary code or cause a service failure a memory-related error...

10CVSS6AI score0.05756EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.4 views

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

The vulnerability in Adobe AIR allows an attacker to execute arbitrary code or cause a service failure a memory-related error...

10CVSS6AI score0.05756EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the Mozilla Firefox browser engine allows malicious actors to trigger a service failure a memory error and an unexpected termination of the application or execute arbitrary code...

10CVSS7.4AI score0.05584EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Mozilla SeaMonkey software package allows a malicious individual to execute arbitrary code, gain access to confidential information, or cause a service failure.

Mozilla SeaMonkey software contains a vulnerability related to errors in the implementation of the libxul.so!gfxContext::Polygon function. Exploiting this vulnerability allows malicious actors to gain access to confidential information from the dynamic memory of processes, trigger service failure...

6.8CVSS7AI score0.0427EPSS
Exploits1References5
CNVD
CNVD
added 2016/06/22 12:0 a.m.4 views

ImageMagick DCM Parser Null Pointer Access Vulnerability

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A security vulnerability exists in ImageMagick's DCM parser, which can be exploited by attackers to cause null pointer access and segmentation errors...

9.8CVSS9AI score0.05445EPSS
Exploits1References1
CNVD
CNVD
added 2016/06/22 12:0 a.m.4 views

Unspecified vulnerability in ImageMagick DCM parser (CNVD-2016-04246)

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A security vulnerability exists in ImageMagick's DCM parser, which can be exploited by attackers to cause null pointer access and segmentation errors...

9.8CVSS9AI score0.05445EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/05/23 4:8 p.m.69 views

Security update for the Linux Kernel (important)

The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-2847: Limit the per-user amount of pages allocated in pipes bsc970948. - CVE-2016-3136: mctu232: add sanity checking in probe bnc970955. - CVE-2016-2188: iowarrio...

4.9CVSS8.2AI score0.01814EPSS
Exploits13References15
Rows per page
Query Builder