Lucene search

16992 matches found

OpenVAS
added 2019/12/17 12:0 a.m., 8 views

Oracle Application / HTTP Server Detection (HTTP)

HTTP based detection of the Oracle Application Server (AS) or Oracle HTTP Server. SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description)...

5.9 AI score
Exploits 0, References 2

Amazon
added 2019/12/13 12:0 a.m., 90 views

Medium: libidn2

Issue Overview: idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. (CVE-2019-18224) GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it...

9.8 CVSS, 8.1 AI score, 0.03708 EPSS
Exploits 1

0day.today
added 2019/12/11 12:0 a.m., 293 views

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Vulnerabilit

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Product web page: https://www.inim.biz Link:...

7.1 AI score
Exploits 0

Ubuntu
added 2019/12/10 1:49 p.m., 64 views

USN-4218-1: GNU C Library vulnerability

Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

9.8 CVSS, 8 AI score, 0.04778 EPSS
Exploits 0

OSV
added 2019/12/10 1:49 p.m., 3 views

USN-4218-1 eglibc vulnerability

Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

9.8 CVSS, 7.5 AI score, 0.04778 EPSS
Exploits 0, References 2

Zero Science Lab
added 2019/12/09 12:0 a.m., 90 views

Inim Electronics Smartliving SmartLAN/G/SI <=6.x Hard-coded Credentials

Summary SmartLiving anti-intrusion control panel and security system provides important features rarely found in residential, commercial or industrial application systems of its kind. This optimized-performance control panel provides first-rate features such as: graphic display, text-to-speech,...

5.7 AI score
Exploits 0

OpenVAS
added 2019/12/09 12:0 a.m., 9 views

SYS.2.2.2.A21

The goal of module SYS.2.2.2 is the protection of information that is processed by and on Windows 8.1 clients. The core requirement Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.3 AI score
Exploits 0, References 1

OpenVAS
added 2019/12/09 12:0 a.m., 9 views

SYS.2.2.2.A7

The goal of module SYS.2.2.2 is the protection of information that is processed by and on Windows 8.1 clients. The standard requirement Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify...

7.3 AI score
Exploits 0, References 1

Fedora
added 2019/12/08 1:3 a.m., 49 views

[SECURITY] Fedora 30 Update: oniguruma-6.9.2-4.fc30

Oniguruma is a regular expressions library. The characteristic of this library is that a different character encoding can be specified for every regular expression object. Supported APIs: GNU regex, POSIX and Oniguruma native...

9.8 CVSS, 3.2 AI score, 0.10539 EPSS
Exploits 6

OSV
added 2019/12/05 2:15 p.m., 3 views

DEBIAN-CVE-2019-19602

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated...

6.1 CVSS, 7.2 AI score, 0.00608 EPSS
Exploits 1, References 1

Fedora
added 2019/12/04 1:15 a.m., 53 views

[SECURITY] Fedora 31 Update: oniguruma-6.9.4-1.fc31

Oniguruma is a regular expressions library. The characteristic of this library is that a different character encoding can be specified for every regular expression object. Supported APIs: GNU regex, POSIX and Oniguruma native...

9.8 CVSS, 3.2 AI score, 0.10539 EPSS
Exploits 5

Tenable Nessus
added 2019/12/04 12:0 a.m., 254 views

EulerOS 2.0 SP2 : binutils (EulerOS-SA-2019-2450)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++...

9.8 CVSS, 7.3 AI score, 0.08111 EPSS
Exploits 15, References 62

Tenable Nessus
added 2019/12/04 12:0 a.m., 19 views

EulerOS 2.0 SP2 : tar (EulerOS-SA-2019-2423)

According to the version of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended...

7.5 CVSS, 7.8 AI score, 0.15155 EPSS
Exploits 3, References 2

Tenable Nessus
added 2019/12/04 12:0 a.m., 33 views

EulerOS 2.0 SP2 : patch (EulerOS-SA-2019-2428)

According to the versions of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff...

7.1 CVSS, 6.7 AI score, 0.06096 EPSS
Exploits 1, References 4

RedHat Linux
added 2019/12/03 11:4 a.m., 4 views

patch: do_ed_script in pch.c does not block strings beginning with a ! character

A flaw was found in GNU patch through version 2.7.6. Strings beginning with an exclamation mark are not blocked by default. When ed receives an exclamation mark-prefixed command line argument, the argument is executed as a shell command. The highest threat from this vulnerability is to data...

9.3 CVSS, 5.7 AI score, 0.02706 EPSS
Exploits 1, References 5

RedHat Linux
added 2019/12/03 11:4 a.m., 2 views

patch: OS shell command injection when processing crafted patch files

A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this...

9.3 CVSS, 5.7 AI score, 0.0453 EPSS
Exploits 0, References 4

CNVD
added 2019/12/03 12:0 a.m., 5 views

GnuPG Encryption Problem Vulnerability

GnuPG is an open source suite of cryptographic software from the GNU Project under the GNU General Public License. The software supports public key, symmetric encryption, hashing and other algorithms. A cryptographic issue vulnerability exists in versions of GnuPG prior to 2.2.18, which can be...

7.5 CVSS, 7.5 AI score, 0.0105 EPSS
Exploits 1, References 1

Tenable Nessus
added 2019/12/03 12:0 a.m., 36 views

EulerOS Virtualization for ARM 64 3.0.3.0 : gettext (EulerOS-SA-2019-2320)

According to the version of the gettext packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to...

9.8 CVSS, 6.8 AI score, 0.04293 EPSS
Exploits 1, References 2

Tenable Nessus
added 2019/12/02 12:0 a.m., 42 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : patch Multiple Vulnerabilities (NS-SA-2019-0223)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has patch packages installed that are affected by multiple vulnerabilities: - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style...

9.3 CVSS, 7.5 AI score, 0.0453 EPSS
Exploits 1, References 3

OpenVAS
added 2019/12/01 12:0 a.m., 26 views

openSUSE: Security Advisory for cpio (openSUSE-SU-2019:2593-1)

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.3 CVSS, 7.3 AI score, 0.00686 EPSS
Exploits 1, References 2