9185 matches found

Tenable Nessus
added 2020/04/02 12:0 a.m., 36 views

FreeBSD : GnuTLS -- flaw in DTLS protocol implementation (d887b3d9-7366-11ea-b81a-001cc0382b2f)

The GnuTLS project reports : It was found that GnuTLS 3.6.3 introduced a regression in the DTLS protocol implementation. This caused the DTLS client to not contribute any randomness to the DTLS negotiation breaking the security guarantees of the DTLS protocol. C Tenable Network Security, Inc. The...

CVSS 7.4, AI score 6.7, EPSS 0.03388
Exploits 0, References 3

RedHat Linux
added 2020/03/31 8:51 p.m., 85 views

Moderate: Red Hat Security Advisory: texlive security update

An update for texlive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8, AI score 7.2, EPSS 0.02058
Exploits 0, References 3

RedhatCVE
added 2020/03/31 8:28 a.m., 31 views

CVE-2018-5703

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel, through 4.14.11, allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving in-kernel TLS implementation. Due to the nature of the flaw, privilege...

CVSS 10, AI score 6.9, EPSS 0.0263
Exploits 0, References 1

Akamai Blog
added 2020/03/25 11:30 a.m., 79 views

March 2020 - Professional Services and the Media Industry

In today's ever-shifting market, we recognize that you need to be constantly adapting, and Akamai provides a way to enhance your customers' experiences through our unique expertise, helping you unlock the value of Akamai's products and services. Professional Services' primary mission is to drive...

AI score 1.2
Exploits 0

Tenable Nessus
added 2020/03/24 12:0 a.m., 48 views

Debian DSA-4645-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. - CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. - CVE-2020-6424 Sergei...

CVSS 8.8, AI score 7.5, EPSS 0.03498
Exploits 7, References 21

OSV
added 2020/03/23 4:15 p.m., 1 views

DEBIAN-CVE-2020-6426

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 6.5, AI score 7.4, EPSS 0.02861
Exploits 1, References 1

UbuntuCve
added 2020/03/23 4:15 p.m., 21 views

CVE-2020-6426

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 6.5, AI score 7, EPSS 0.02861
Exploits 1, References 1

Prion
added 2020/03/23 4:15 p.m., 29 views

Design/Logic Flaw

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 4.3, AI score 6.8, EPSS 0.02861
Exploits 1, References 9, Affected Software 6

Debian
added 2020/03/23 1:41 a.m., 80 views

[SECURITY] [DSA 4645-1] chromium security update

Debian Security Advisory DSA-4645-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 22, 2020 https://www.debian.org/security/faq -...

CVSS 8.8, AI score 9.2, EPSS 0.03498
Exploits 7

Prion
added 2020/03/20 3:15 p.m., 14 views

Authentication flaw

Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit...

CVSS 6.8, AI score 8.1, EPSS 0.00806
Exploits 0, References 1, Affected Software 1

CVE
added 2020/03/20 2:58 p.m., 87 views

CVE-2020-1864

CVE-2020-1864 affects Huawei Secospace AntiDDoS8000 series (V500R001C00, V500R001C20, V500R001C60, V500R005C00). Root cause is improper authentication implementation that allows a remote attacker to obtain information and forge the peer device to send specific packets, enabling connection to the ...

CVSS 8.1, AI score 8.1, EPSS 0.00806
Exploits 0, References 1, Affected Software 1

Cvelist
added 2020/03/20 1:51 p.m., 20 views

CVE-2020-6426

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

AI score 7, EPSS 0.02861
Exploits 1, References 9

CNVD
added 2020/03/20 12:0 a.m., 3 views

SuiteCRM .htaccess Protection Mechanism Incorrectly Implemented Vulnerability

SuiteCRM is a free open source customer relationship management application. SuiteCRM is vulnerable to an incorrect implementation of the .htaccess protection mechanism. No detailed vulnerability details are provided at this time...

CVSS 5.3, AI score 6.9, EPSS 0.0087
Exploits 0, References 1

Fedora
added 2020/03/16 8:45 p.m., 37 views

[SECURITY] Fedora 32 Update: opensmtpd-6.6.4p1-2.fc32

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTP...

CVSS 10, AI score 0.8, EPSS 0.98946
Exploits 41

Prion
added 2020/03/14 6:15 p.m., 9 views

Design/Logic Flaw

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...

CVSS 7.5, AI score 9.4, EPSS 0.01736
Exploits 0, References 2, Affected Software 1

Cvelist
added 2020/03/14 5:23 p.m., 27 views

CVE-2020-10571

An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...

AI score 9.5, EPSS 0.01736
Exploits 0, References 2

NVD
added 2020/03/13 7:15 p.m., 12 views

CVE-2019-14303

Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that led to a denial of service vulnerability...

CVSS 7.5, AI score 7.5, EPSS 0.01254
Exploits 0, References 2

Tenable Nessus
added 2020/03/12 12:0 a.m., 40 views

Debian DSA-4638-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2019-19880 Richard Lorenz discovered an issue in the sqlite library. - CVE-2019-19923 Richard Lorenz discovered an out-of-bounds read issue in the sqlite library. - CVE-2019-19925 Richard Lorenz discovered an issue in...

CVSS 8.8, AI score 7.6, EPSS 0.78808
Exploits 28, References 87

Hacker One
added 2020/03/05 7:59 p.m., 147 views

Visma Bug Bounty Program: [IDOR]Ability to Pause & Resume the Invoice of other users If GUID is known.

Insecure Direct Object Reference (IDOR) vulnerability is discovered via a certain endpoint and the application exposes a reference to an internal implementation object. It reveals the real identifier and format/pattern used of the element in the storage backend side...

AI score 4.4
Exploits 0

Hacker One
added 2020/03/05 5:30 p.m., 101 views

Node.js: Node.js: TLS session reuse can lead to hostname verification bypass

The Node.js TLS library supports client side reuse of TLS sessions when multiple connections to the same server are opened. Code that wants to use this feature can listen for the 'session' event (https://nodejs.org/api/tls.html#tls_event_session) on a tls.TLSSocket to get notified of newly created TLS...

CVSS 5.8, AI score 7.3, EPSS 0.06065
Exploits 1