9184 matches found

Tenable Nessus
added 2020/02/18 12:0 a.m., 43 views

RHEL 6 : chromium-browser (RHSA-2020:0514)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0514 advisory. Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 80.0.3987.87. Security Fixes:...

CVSS 8.8, AI score 7.2, EPSS 0.06997
Exploits 19, References 82

Tenable Nessus
added 2020/02/13 12:0 a.m., 53 views

Debian DSA-4621-1 : openjdk-8 - security update

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

CVSS 8.1, AI score 6.3, EPSS 0.04903
Exploits 0, References 10

Debian
added 2020/02/12 10:14 p.m., 74 views

[SECURITY] [DSA 4621-1] openjdk-8 security update

Debian Security Advisory DSA-4621-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 12, 2020 https://www.debian.org/security/faq ...

CVSS 8.1, AI score 8.3, EPSS 0.04903
Exploits 0

OSV
added 2020/02/12 3:15 p.m., 29 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVSS 7, AI score 6.7, EPSS 0.00457
Exploits 0, References 15

UbuntuCve
added 2020/02/12 3:15 p.m., 31 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVSS 7, AI score 6.7, EPSS 0.00457
Exploits 0, References 6

NVD
added 2020/02/12 2:15 p.m., 24 views

CVE-2009-5139

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

CVSS 7.5, AI score 7.5, EPSS 0.00373
Exploits 4, References 2

Prion
added 2020/02/12 2:15 p.m., 17 views

Design/Logic Flaw

The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

CVSS 4.3, AI score 7.2, EPSS 0.01361
Exploits 4, References 2

Prion
added 2020/02/12 2:15 p.m., 15 views

Design/Logic Flaw

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

CVSS 4.3, AI score 7.2, EPSS 0.00373
Exploits 4, References 2

CVE
added 2020/02/12 1:29 p.m., 55 views

CVE-2009-5139

The CVE-2009-5139 entry concerns the Gizmo5 SIP soft phone, where the SIP implementation exposes hashed credentials in a response to an invalid authentication challenge. This design allows remote attackers to attempt brute-force access against the target, as described in the vulnerability summary...

CVSS 7.5, AI score 7.5, EPSS 0.00373
Exploits 4, References 2, Affected Software 1

Cvelist
added 2020/02/12 1:29 p.m., 48 views

CVE-2009-5139

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

AI score 7.6, EPSS 0.00373
Exploits 4, References 2

Cvelist
added 2020/02/12 1:28 p.m., 48 views

CVE-2009-5140

The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

AI score 8.6, EPSS 0.01361
Exploits 4, References 2

RedHat Linux
added 2020/02/12 11:22 a.m., 3 views

OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

CVSS 4.3, AI score 7.4, EPSS 0.04221
Exploits 0, References 4

OSV
added 2020/02/12 5:12 a.m., 5 views

OPENSUSE-SU-2020:0210-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to version 80.0.3987.87 (boo#1162833). Security issues fixed: - CVE-2020-6381: Integer overflow in JavaScript (boo#1162833). - CVE-2020-6382: Type Confusion in JavaScript (boo#1162833). - CVE-2019-18197: Multiple vulnerabilities in...

CVSS 8.8, AI score 8, EPSS 0.06997
Exploits 19, References 40

CNVD
added 2020/02/12 12:0 a.m., 2 views

Google Chrome Heap Corruption Vulnerability (CNVD-2020-05122)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A heap corruption vulnerability exists in Google Chrome versions prior to 80.0.3987.87. The vulnerability stems from an improper implementation of Blink in Google...

CVSS 8.8, AI score 8.7, EPSS 0.02045
Exploits 5, References 1

AlpineLinux
added 2020/02/12 12:0 a.m., 73 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVSS 7, AI score 7.3, EPSS 0.00457
Exploits 0

IBM Security Bulletins
added 2020/02/11 6:29 p.m., 17 views

Security Bulletin: Error in IBM Sterling B2B Integrator console processing could result in stack traces being displayed in the response (CVE-2013-0481)

Summary Errors or exceptions encountered in IBM Sterling B2B Integrator’s console processing could result in stack traces being displayed in the response, which could expose internal implementation information. Vulnerability Details CVE ID: CVE-2013-0481 DESCRIPTION: Errors or exceptions...

CVSS 5, AI score 1, EPSS 0.01354
Exploits 0, Affected Software 2

Prion
added 2020/02/11 5:15 p.m., 24 views

Race condition

The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race...

CVSS 6.8, AI score 7.7, EPSS 0.0253
Exploits 0, References 5, Affected Software 2

NVD
added 2020/02/11 3:15 p.m., 12 views

CVE-2020-6409

Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name...

CVSS 8.8, AI score 7.9, EPSS 0.01742
Exploits 0, References 9

NVD
added 2020/02/11 3:15 p.m., 16 views

CVE-2020-6397

Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page...

CVSS 6.5, AI score 6.4, EPSS 0.01915
Exploits 1, References 9

NVD
added 2020/02/11 3:15 p.m., 20 views

CVE-2020-6404

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 8.4, EPSS 0.02045
Exploits 5, References 8