
9185 matches found

Tenable Nessus
added 2020/05/05 12:00 a.m. | 66 views

RHEL 7 / 8 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 9.8 | AI score 7.1 | EPSS 0.60727
Exploits 1 | References 9

Cvelist
added 2020/05/04 1:25 p.m. | 17 views

CVE-2020-8896 Buffer Overflow in Google Earth Pro

A Buffer Overflow vulnerability in the khcrypt implementation in Google Earth Pro versions up to and including 7.3.2 allows an attacker to perform a Man-in-the-Middle attack using a specially crafted key to read data past the end of the buffer used to hold it. Mitigation: Update to Google Earth P...

CVSS 4.2 | AI score 6.3 | EPSS 0.00394
Exploits 0 | References 1

Fedora
added 2020/05/03 4:55 a.m. | 37 views

[SECURITY] Fedora 31 Update: rubygem-json-2.2.0-202.fc31

This is an implementation of the JSON specification according to RFC 4627 in Ruby. You can think of it as a low fat alternative to XML, if you want to store data to disk or transmit it over a network rather than use a verbose markup language...

CVSS 7.5 | AI score 1.8 | EPSS 0.06811
Exploits 0

Tenable Nessus
added 2020/04/30 12:00 a.m. | 68 views

Junos OS: Established BGP Session Termination Vulnerability (JSA10996)

The version of Junos OS installed on the remote host is 12.3, 12.3X48, 14.1X53 or prior to 15.1R7-S5, 15.1F6-S13, 15.1X49-D180, 15.1X53-D238, 15.1X53-D497, 15.1X53-D592, 16.1R7-S7, 17.1R2-S12, 17.2R2-S7, 17.2X75-D102, 17.3R2-S5, 17.4R1-S8, 18.1R2-S4, or 18.2X75-D20. It is, therefore, affected by ...

CVSS 8.6 | AI score 7.5 | EPSS 0.01288
Exploits 0 | References 2

Tenable Nessus
added 2020/04/30 12:00 a.m. | 53 views

Debian DSA-4667-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. - CVE-2020-2732 Paulo Bonzini discovered that the KVM implementation for Intel processors did not properly handle instruction emulation for L2 guests...

CVSS 7.1 | AI score 6.6 | EPSS 0.00962
Exploits 2 | References 13

Ubuntu
added 2020/04/29 12:06 a.m. | 83 views

USN-4346-1: Linux kernel vulnerabilities

It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233) It was discovered that the Intel Wi-Fi driver in t...

CVSS 7.5 | AI score 6.5 | EPSS 0.0415
Exploits 1

Tenable Nessus
added 2020/04/29 12:00 a.m. | 39 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4346-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4346-1 advisory. It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A loc...

CVSS 7.5 | AI score 6.7 | EPSS 0.0415
Exploits 1 | References 6

Tenable Nessus
added 2020/04/29 12:00 a.m. | 69 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4344-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4344-1 advisory. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly u...

CVSS 7.5 | AI score 7.1 | EPSS 0.0415
Exploits 2 | References 8

Fedora
added 2020/04/28 2:33 a.m. | 31 views

[SECURITY] Fedora 32 Update: libssh-0.9.4-2.fc32

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 5.3 | AI score 3.6 | EPSS 0.03065
Exploits 0

OSV
added 2020/04/24 4:15 p.m. | 3 views

CVE-2019-4751

IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...

CVSS 5.3 | AI score 6.1 | EPSS 0.01269
Exploits 0 | References 2

Prion
added 2020/04/24 4:15 p.m. | 15 views

Information disclosure

IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...

CVSS 5 | AI score 5 | EPSS 0.01269
Exploits 0 | References 2 | Affected Software 1

CVE
added 2020/04/24 3:50 p.m. | 90 views

CVE-2019-4751

CVE-2019-4751 affects IBM Cloud App Management 2019.3.0 and 2019.4.0, where API requests reveal a stack trace that can disclose implementation details. This is an information-disclosure vulnerability stemming from stack traces exposed by the service. Affected versions: IBM Cloud App Management V2...

CVSS 5.3 | AI score 5 | EPSS 0.01269
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/04/24 3:50 p.m. | 20 views

CVE-2019-4751

IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...

CVSS 5.3 | AI score 5 | EPSS 0.01269
Exploits 0 | References 2

RustSec
added 2020/04/24 12:00 p.m. | 26 views

Relies on undefined behavior of `char::from_u32_unchecked`

The Windows implementation of this crate relied on the behavior of `std::char::from_u32_unchecked` when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading to a security issue. The flaw was...

CVSS 7.5 | AI score 3.5 | EPSS 0.01336
Exploits 0 | Affected Software 1

OSV
added 2020/04/24 12:00 p.m. | 18 views

RUSTSEC-2020-0012 Relies on undefined behavior of `char::from_u32_unchecked`

The Windows implementation of this crate relied on the behavior of `std::char::from_u32_unchecked` when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading to a security issue. The flaw was...

CVSS 7.5 | AI score 7.6 | EPSS 0.01336
Exploits 0 | References 3

Cvelist
added 2020/04/22 1:52 p.m. | 22 views

CVE-2020-11796

In JetBrains Space through 2020-04-22, the password authentication implementation was insecure...

AI score 9.8 | EPSS 0.01228
Exploits 0 | References 1

Prion
added 2020/04/17 2:15 p.m. | 17 views

Authentication flaw

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019)...

CVSS 6.4 | AI score 9 | EPSS 0.00425
Exploits 0 | References 1 | Affected Software 1

NVD
added 2020/04/15 9:15 p.m. | 14 views

CVE-2020-3162

A vulnerability in the Constrained Application Protocol (CoAP) implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming Co...

CVSS 7.5 | AI score 7.5 | EPSS 0.01665
Exploits 0 | References 1

Prion
added 2020/04/15 3:15 p.m. | 18 views

Security feature bypass

A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation. An attacker could potentially abuse these bugs to learn information about a server’s private ECC key a key...

CVSS 7.5 | AI score 9.3 | EPSS 0.02541
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/04/15 3:13 p.m. | 32 views

CVE-2020-1026

A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation. An attacker could potentially abuse these bugs to learn information about a server’s private ECC key a key...

AI score 9.4 | EPSS 0.02541
Exploits 0 | References 1