Lucene search
K

269 matches found

Cent OS
Cent OS
added 2015/06/24 3:28 a.m.103 views

php security update

CentOS Errata and Security Advisory CESA-2015:1135 Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...

10CVSS7.4AI score0.53166EPSS
Exploits45References7
ThreatPost
ThreatPost
added 2015/05/07 2:58 p.m.11 views

Open Smart Grid Protocol Homegrown Crypto Weaknesses

In the three years since its inception, the Open Smart Grid Protocol has found its way into more than four million smart meters and similar devices worldwide. And like its SCADA, industrial control system, and embedded system brethren, it’s rife with security issues. Two researchers, Phillip...

0.4AI score
Exploits0References2
Mageia
Mageia
added 2014/12/26 5:4 p.m.36 views

Updated not-yet-commons-ssl packages fix CVE-2014-3604

Updated not-yet-commons-ssl packages fixes security vulnerability: It was discovered that the implementation used by the Not Yet Commons SSL project to check that the server hostname matches the domain name in the subject's CN field was flawed. This can be exploited by a Man-in-the-middle MITM...

6.8CVSS8.9AI score0.00932EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features...

7.1AI score
Exploits0
Cent OS
Cent OS
added 2013/02/27 7:34 p.m.76 views

dovecot security update

CentOS Errata and Security Advisory CESA-2013:0520 Updated dovecot packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS...

6.5CVSS5.9AI score0.02206EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2012/11/14 12:0 a.m.50 views

MS12-074: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)

The remote Windows host is running a version of Microsoft .NET Framework that is affected by multiple vulnerabilities : - The way .NET Framework validates the permissions of certain objects during reflection is flawed and could be exploited by an attacker to gain complete control of an affected...

9.3CVSS6.8AI score0.24755EPSS
Exploits3References6
ThreatPost
ThreatPost
added 2012/08/22 12:40 p.m.6 views

Flaws in Shamoon Malware Reinforce Theory It's Not A Wiper Variant

Some clumsy coding discovered during an analysis of the Shamoon malware has led researchers to conclude that it is probably not related to the Wiper malware that hit some Iranian networks recently and likely isn’t the work of serious programmers. A prime error appears to come from the main...

1.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/06/21 12:0 a.m.33 views

GLSA-201204-06 : PolicyKit: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201204-06 PolicyKit: Multiple vulnerabilities Multiple vulnerabilities have been found in PolicyKit: Error messages in the pkexec utility disclose the existence of local files CVE-2010-0750. The pkexec utility initially checks the...

6.9CVSS6.6AI score0.05246EPSS
Exploits18References4
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.16 views

CentOS Update for openssl CESA-2009:0004-01 centos2 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5.8CVSS7.4AI score0.05146EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2011/03/28 6:51 p.m.10 views

RIAA Targeted by Anonymous Operation Payback !

The rogue hacktivist movement Anonymous is apparently breaking out the Low Orbit Ion Cannon again for a reprise of the Operation Payback campaign, this time setting their distributed denial of service DDoS attack sites on the Recording Industry Association of America RIAA. The campaign to disrupt...

6.8AI score
Exploits0
myhack58
myhack58
added 2010/12/10 12:0 a.m.11 views

Network fun online shopping users fashion Edition Build 1 0 1 1 0 1 SQL injection exploit-vulnerability warning-the black bar safety net

listshj. asp page there is the injection, not for authentication, wherein %dim shjiaid shjiaid=request. querystring"id" set rs=server. createobject"adodb. recordset" rs. open "select from shjia where shjiaid=" shjiaid ,conn,1,1% ID is not filtered, and injected into the generated/admin/listshj...

1.1AI score
Exploits0
Debian
Debian
added 2010/10/10 9:45 a.m.25 views

BSA-004 Security Update for subversion

Peter Samuelson uploaded new packages for subversion which fixed the following security problems: CVE-2010-3315 When "SVNPathAuthz shortcircuit" is enabled, authz authentication in the moddavsvn module for the Apache HTTP Server is flawed. Remote authenticated users can bypass intended access...

6CVSS6.8AI score0.04216EPSS
Exploits0
Exploit DB
Exploit DB
added 2010/08/26 12:0 a.m.20 views

EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation

source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode. Attackers may leverage these weaknesses to attack...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/05 1:28 p.m.10 views

Consumer Groups Say Proposed Privacy Bill is Flawed

A long-awaited draft of a Congressional bill would extend privacy protections both on the Internet and off line, but privacy advocates said the bill did not go far enough in protecting consumers. Read the full article New York Times...

2.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2009/11/02 11:26 p.m.12 views

Flawed USB Sticks Can Be Used to Download Whatever Desired

UK security researchers MWR InfoSecurity have found a flaw in the driver software of USB sticks that could allow the technology to “interrogate” and download the complete content of any system. The company believes the use of such devices is only months away, and has shared its research with the...

2.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.28 views

Mandriva Update for file MDKSA-2007:114 (file)

Check for the Version of file OpenVAS Vulnerability Test Mandriva Update for file MDKSA-2007:114 file Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

9.3CVSS0.5AI score0.12226EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.33 views

CentOS Update for thunderbird CESA-2008:0908 centos4 i386

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2008:0908 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

10CVSS0.4AI score0.43921EPSS
Exploits16References2
Prion
Prion
added 2008/07/14 6:41 p.m.14 views

Integer overflow

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."...

10CVSS8.4AI score0.08667EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2008/04/07 12:0 a.m.23 views

Debian Security Advisory DSA 1533-1 (exiftags)

The remote host is missing an update to exiftags announced via advisory DSA 1533-1. OpenVAS Vulnerability Test $Id: deb15331.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1533-1 exiftags Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

10CVSS0.8AI score0.0264EPSS
Exploits0
securityvulns
securityvulns
added 2008/01/30 12:0 a.m.85 views

Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)

COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: LSrunasE, Supercrypt Vendor: Geert Moernaut Type: Flawed Encryption Risk: Medium Author: Daniel Roethlisberger Date: 2008-01-29 CVE Name: CVE-2007-6340 Introduction ------------ LSrunasE 1 and Supercrypt 2 are utilities used to run commands...

2.1CVSS6.7AI score0.00301EPSS
Exploits0
Rows per page
Query Builder