17000 matches found

Packet Storm
added 2019/06/13 12:0 a.m., 1711 views

WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: WAGO 852 Industrial Managed Switch Series vulnerable version: 852-303: v1.2.2.S0 852-1305: v1.1.6.S0 852-1505: v1.1.5.S0 fixed version:...

CVSS: 10, AI score: 0.2, EPSS: 0.94859
Exploits: 69

Amazon
added 2019/06/11 12:0 a.m., 44 views

Important: wget

Issue Overview: Buffer overflow in GNU Wget allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors. CVE-2019-5953 Affected Packages: wget Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for...

CVSS: 9.8, AI score: 10, EPSS: 0.05141
Exploits: 0

OpenVAS
added 2019/06/05 12:0 a.m., 48 views

Fedora Update for kernel-headers FEDORA-2019-48b34fc991

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 5.5, AI score: 7.7, EPSS: 0.00645
Exploits: 0, References: 2

OpenVAS
added 2019/06/03 12:0 a.m., 36 views

Apache Hadoop Privilege Escalation Vulnerability (CVE-2018-8029)

Apache Hadoop is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:hadoop"; i...

CVSS: 9, AI score: 7.3, EPSS: 0.03982
Exploits: 0, References: 1

IBM Security Bulletins
added 2019/05/30 9:45 p.m., 74 views

Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance

Summary IBM Security Access Manager Appliance has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-10915 DESCRIPTION: PostgreSQL could allow a remote attacker to bypass security restrictions, caused by an issue with improperly resting internal state in between...

CVSS: 9.8, AI score: 1.2, EPSS: 0.49268
Exploits: 2, Affected Software: 3

OSV
added 2019/05/30 11:41 a.m., 4 views

USN-3998-1 evolution-data-server vulnerability

Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted...

CVSS: 6.5, AI score: 6.8, EPSS: 0.02443
Exploits: 1, References: 2

Tenable Nessus
added 2019/05/30 12:0 a.m., 22 views

EulerOS Virtualization 3.0.1.0 : tar (EulerOS-SA-2019-1608)

According to the version of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed...

CVSS: 7.5, AI score: 6.5, EPSS: 0.03028
Exploits: 0, References: 2

Tenable Nessus
added 2019/05/30 12:0 a.m., 25 views

Ubuntu 14.04 LTS : GNU Screen vulnerability (USN-3996-1)

Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly...

CVSS: 5, AI score: 7.5, EPSS: 0.04148
Exploits: 1, References: 2

Ubuntu
added 2019/05/29 1:55 p.m., 190 views

USN-3996-1: GNU Screen vulnerability

Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code...

CVSS: 5, AI score: 7.5, EPSS: 0.04148
Exploits: 1

OSV
added 2019/05/29 1:55 p.m., 2 views

USN-3996-1 GNU Screen vulnerability

Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code...

CVSS: 5, AI score: 7.3, EPSS: 0.04148
Exploits: 1, References: 2

Packet Storm
added 2019/05/28 12:0 a.m., 127 views

Phraseanet DAM Cross Site Scripting

Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected: 4.0.3 4.0.4-dev and below Version fixed:...

AI score: 7.4
Exploits: 0

exploitpack
added 2019/05/28 12:0 a.m., 30 views

Phraseanet 4.0.7 - Cross-Site Scripting

Phraseanet 4.0.7 - Cross-Site Scripting Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

AI score: 6.8
Exploits: 0

Tenable Nessus
added 2019/05/28 12:0 a.m., 32 views

F5 Networks BIG-IP : GNU Binutils vulnerability (K13534168)

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. CVE-2019-9070 Impact Successful exploitation of this vulnerability may lead to disclosure of sensitive information,...

CVSS: 7.8, AI score: 7.6, EPSS: 0.01802
Exploits: 1, References: 2

Exploit DB
added 2019/05/28 12:0 a.m., 129 views

Phraseanet < 4.0.7 - Cross-Site Scripting

Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Date: 10/10/2018 Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected: 4.0.3 4.0.4-dev and below Version fixed:...

AI score: 7.4
Exploits: 0

0day.today
added 2019/05/28 12:0 a.m., 272 views

Phraseanet < 4.0.7 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

AI score: 7.4
Exploits: 0

0day.today
added 2019/05/24 12:0 a.m., 203 views

Linux/x64 - Execve(/bin/sh) Shellcode (23 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x86_64 - execve /bin/sh ;Author: rajvardhan ;Architecture: Linux x86_64 ;Possibly The Smallest And Fully Reliable Shellcode =========== Asm Source =========== global _start section .text _start: xor rsi,rsi push rsi mov rdi,0x68732f2f6e69622f push rdi push rsp...

AI score: 0.3
Exploits: 0

OpenVAS
added 2019/05/24 12:0 a.m., 55 views

Fedora Update for kernel FEDORA-2019-b318b2c6f3

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 7.8, AI score: 7.3, EPSS: 0.04425
Exploits: 0, References: 2

UbuntuCve
added 2019/05/22 7:29 p.m., 357 views

CVE-2018-12886

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

CVSS: 8.1, AI score: 7.2, EPSS: 0.02171
Exploits: 1, References: 2

OSV
added 2019/05/22 7:29 p.m., 1 views

UBUNTU-CVE-2018-12886

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

CVSS: 8.1, AI score: 5.8, EPSS: 0.02171
Exploits: 1, References: 3

OSV
added 2019/05/22 7:29 p.m., 34 views

CVE-2018-12886

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

CVSS: 8.1, AI score: 7.1
Exploits: 0, References: 2