
16992 matches found

Tenable Nessus
added 2019/10/28 12:0 a.m., 41 views

Amazon Linux AMI : patch (ALAS-2019-1312)

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. CVE-2018-20969 GNU patch through 2.7.6 is vulnerable to OS shell...

CVSS 9.3, AI score 6.3, EPSS 0.08411
Exploits 1, References 5
OpenVAS
added 2019/10/26 12:0 a.m., 34 views

Fedora Update for kernel FEDORA-2019-41e28660ae

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 10, AI score 8.4, EPSS 0.98745
Exploits 15, References 2
RedhatCVE
added 2019/10/25 10:51 p.m., 33 views

CVE-2019-17544

libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character...

CVSS 9.1, AI score 3.6, EPSS 0.03259
Exploits 0, References 3
Tenable Nessus
added 2019/10/25 12:0 a.m., 36 views

Amazon Linux 2 : patch (ALAS-2019-1317)

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. CVE-2018-20969 GNU patch through 2.7.6 is vulnerable to OS shell...

CVSS 9.3, AI score 6.3, EPSS 0.08411
Exploits 1, References 5
Symantec
added 2019/10/24 12:0 a.m., 42 views

GNU GRUB2 'grub2-set-bootflag' Utility Local Denial of Service Vulnerability

Description: GNU GRUB2 is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected: GNU GRUB2, Redhat Enterprise Linux 8. Recommendations: Permit local access for trusted individuals only. Where possible, us...

AI score 1
Exploits 0, References 1, Affected Software 1
OpenVAS
added 2019/10/23 12:0 a.m., 24 views

Fedora Update for radare2 FEDORA-2019-65c33bdc2a

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8, AI score 7.6, EPSS 0.04414
Exploits 2, References 2
NVD
added 2019/10/22 4:15 p.m., 11 views

CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 7.5, AI score 7.4, EPSS 0.0279
Exploits 0, References 12
OSV
added 2019/10/22 4:15 p.m., 19 views

CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 7.5, AI score 7.1
Exploits 0, References 12
OSV
added 2019/10/22 4:15 p.m., 2 views

ALPINE-CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 7.5, AI score 6.9, EPSS 0.0279
Exploits 0, References 1
Prion
added 2019/10/22 4:15 p.m., 13 views

Code injection

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 5, AI score 8.3, EPSS 0.0279
Exploits 0, References 12, Affected Software 1
UbuntuCve
added 2019/10/22 4:15 p.m., 22 views

CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 7.5, AI score 6.8, EPSS 0.0279
Exploits 0, References 5
Cvelist
added 2019/10/22 3:14 p.m., 25 views

CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

AI score 7.4, EPSS 0.0279
Exploits 0, References 12
CVE
added 2019/10/22 3:14 p.m., 205 views

CVE-2019-12290

Libidn2 (GNU libidn2) before 2.2.0 fails RFC3490 roundtrip checks when converting A-labels to U-labels, enabling domain impersonation. Affected: libidn2 (prior to 2.2.0). Remediation: upgrade to 2.2.0 or newer (advisories show updates to 2.3.x). Connected advisories also reference CVE-2019-18224 ...

CVSS 7.5, AI score 7.3, EPSS 0.0279
Exploits 0, References 12, Affected Software 1
Debian CVE
added 2019/10/22 3:14 p.m., 18 views

CVE-2019-12290

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...

CVSS 7.5, AI score 7.5, EPSS 0.0279
Exploits 0
CNVD
added 2019/10/22 12:0 a.m., 4 views

GNU libidn2 Buffer Error Vulnerability

GNU libidn2 is a library that supports encoding and decoding of internationalized domain names. A buffer error vulnerability exists in the 'idn2_to_ascii_4i' function of the lib/lookup.c file in GNU libidn2 versions prior to 2.1.1, which can be exploited by attackers to cause, among other things, a...

CVSS 9.8, AI score 9.6, EPSS 0.03708
Exploits 1, References 1
OSV
added 2019/10/21 5:15 p.m., 17 views

CVE-2019-18224

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string...

CVSS 9.8, AI score 7.6
Exploits 0, References 11
Cvelist
added 2019/10/21 4:21 p.m., 18 views

CVE-2019-18224

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string...

AI score 9.5, EPSS 0.03708
Exploits 1, References 11
Amazon
added 2019/10/21 12:0 a.m., 42 views

Important: patch

Issue Overview: do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. CVE-2018-20969 GNU patch through 2.7.6 is vulnerab...

CVSS 9.3, AI score 7.3, EPSS 0.08411
Exploits 1
OpenVAS
added 2019/10/21 12:0 a.m., 13 views

tcpdump Detection (SSH)

Checks whether tcpdump is installed on the target system and if so, tries to detect the installed version. Copyright (C) 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General...

AI score 0.3
Exploits 0, References 1
Debian
added 2019/10/19 7:13 p.m., 123 views

[SECURITY] [DLA 1966-1] aspell security update

Package: aspell. Version: 0.60.720110707-1.3+deb8u1. CVE ID: CVE-2019-17544. It was discovered that Aspell, the GNU spell checker, incorrectly handled certain inputs which leads to a stack-based buffer over-read. An attacker could potentially access sensitive information. For Debian 8 "Jessie",...

CVSS 9.1, AI score 9.2, EPSS 0.03259
Exploits 0