9164 matches found

Tenable Nessus
added 2019/06/07 12:0 a.m., 30 views

openSUSE Security Update : cronie (openSUSE-2019-1520)

This update for cronie fixes the following issues : Security issues fixed : - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the daemon bsc1128937. - CVE-2019-9705: Fixed an implementation vulnerabili...

5.5 CVSS, 5.3 AI score, 0.00354 EPSS
Exploits 0, References 6

NVD
added 2019/06/06 3:29 p.m., 17 views

CVE-2019-5295

Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125C00E125R2P14T8 have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This...

6.4 CVSS, 6.4 AI score, 0.00223 EPSS
Exploits 0, References 1

ThreatPost
added 2019/06/04 9:34 p.m., 92 views

Is 'Sign in with Apple' Marketing Spin or Privacy Magic? Experts Weigh In

Apple’s “Sign in with Apple” feature promises to protect user privacy – and while many are looking at that claim as more of a marketing move than anything else, authentication experts say it has the potential to have an enormous impact on the data privacy ecosystem. The giant from Cupertino took...

7.2 AI score
Exploits 0, References 9

OpenVAS
added 2019/06/02 12:0 a.m., 55 views

Fedora Update for community-mysql FEDORA-2019-6a8a9efc40

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.7 CVSS, 6.2 AI score, 0.04457 EPSS
Exploits 0, References 2

Tenable Nessus
added 2019/05/31 12:0 a.m., 109 views

Amazon Linux 2 : openssh (ALAS-2019-1216)

An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A...

6.8 CVSS, 7.2 AI score, 0.58204 EPSS
Exploits 9, References 4

Tenable Nessus
added 2019/05/29 12:0 a.m., 48 views

Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. This updated advisory text adds a note about the need to install new binary packages. CVE-2018-5995 ADLab of VenusTech discovered that the kernel logge...

8.3 CVSS, 7.4 AI score, 0.03313 EPSS
Exploits 6, References 18

Tenable Nessus
added 2019/05/28 12:0 a.m., 35 views

Fedora 30 : mod_http2 (2019-08e57d15fd)

Code cleanups and Simplifications : - in stream instance and main connection output handling for a common strategy in h2/h2c versions of the protocol. Stream instances are kept in one place which will make future optimizations in state handling easier. - Discarding idea of re-using bucket beams a...

5.3 CVSS, 6.7 AI score, 0.193 EPSS
Exploits 0, References 2

Tenable Nessus
added 2019/05/28 12:0 a.m., 32 views

Debian DSA-4450-1 : wpa - security update

A vulnerability was found in the WPA protocol implementation found in wpa_supplicant (station) and hostapd (access point). The EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP peer) doesn't properly validate fragmentation reassembly state when receiving an unexpected fragment. This...

5.9 CVSS, 6.2 AI score, 0.03252 EPSS
Exploits 0, References 5

OpenVAS
added 2019/05/26 12:0 a.m., 23 views

Fedora Update for mediaconch FEDORA-2019-1736c1268d

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.7 AI score
Exploits 0, References 2

OpenVAS
added 2019/05/26 12:0 a.m., 25 views

Fedora Update for mediaconch FEDORA-2019-b7cf3236fb

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.7 AI score
Exploits 0, References 2

OpenVAS
added 2019/05/26 12:0 a.m., 32 views

Fedora Update for mediaconch FEDORA-2019-7155125125

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS, 6.7 AI score, 0.02503 EPSS
Exploits 2, References 2

Fedora
added 2019/05/25 1:11 a.m., 42 views

[SECURITY] Fedora 28 Update: mediaconch-18.03.2-7.fc28

MediaConch is an implementation checker, policy checker, reporter, and fixer that targets preservation-level audiovisual files (specifically Matroska, Linear Pulse Code Modulation (LPCM) and FF Video Codec 1 (FFV1)). This project is maintained by MediaArea and funded by PREFORMA. This package includes...

6.5 CVSS, 3.4 AI score, 0.02503 EPSS
Exploits 2

Prion
added 2019/05/23 4:29 p.m., 14 views

Design/Logic Flaw

Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack...

5 CVSS, 7.2 AI score, 0.03592 EPSS
Exploits 0, References 1, Affected Software 1

Cvelist
added 2019/05/22 6:12 p.m., 21 views

CVE-2019-5627 BlueCats Reveal iOS App Insecure Storage

The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...

2.8 CVSS, 7.4 AI score, 0.00351 EPSS
Exploits 1, References 2

Tenable Nessus
added 2019/05/22 12:0 a.m., 50 views

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2019:14059-1)

This update for java-1_7_1-ibm fixes the following issues : Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed : CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes bsc1134718. CVE-2019-2698: Fixed out of bounds access flaw in the 2D component bsc1132729...

8.1 CVSS, 6.8 AI score, 0.37618 EPSS
Exploits 2, References 16

Mageia
added 2019/05/16 8:25 a.m., 58 views

Updated kernel-linus packages fixes security vulnerabilities

This kernel update provides the upstream 4.14.119 that adds the kernel side mitigations for the Microarchitectural Data Sampling (MDS, also called ZombieLoad attack) vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. To complete the mitigatio...

7.7 CVSS, 7.4 AI score, 0.05667 EPSS
Exploits 9, References 21

Veracode
added 2019/05/16 3:18 a.m., 31 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service (DoS) attacks. This is because the Serial Attached SCSI (SAS) implementation mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code...

5.5 CVSS, 5.6 AI score, 0.00683 EPSS
Exploits 1, References 29, Affected Software 2

Veracode
added 2019/05/16 3:18 a.m., 173 views

Denial Of Service (DoS)

Python is vulnerable to denial of service (DoS) attacks. This is due to catastrophic backtracking in the implementation. A remote authenticated user could trigger a denial of service condition via backtracking in the 'difflib.IS_LINE_JUNK' method in difflib, which may lead to an application crash...

7.5 CVSS, 7.7 AI score, 0.04979 EPSS
Exploits 0, References 29, Affected Software 6

Vulnrichment
added 2019/05/15 4:50 p.m., 11 views

CVE-2019-1730 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

6 CVSS, 7.1 AI score, 0.00398 EPSS
Exploits 0, References 2

Tenable Nessus
added 2019/05/15 12:0 a.m., 237 views

EulerOS Virtualization 3.0.1.0 : libxml2 (EulerOS-SA-2019-1559)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs...

7.5 CVSS, 7 AI score, 0.03681 EPSS
Exploits 1, References 5