Lucene search
K

9164 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.28 views

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:0678-1)

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues : Security issue fixed : CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: Fixed a segfault in...

7.4CVSS6.3AI score0.05701EPSS
Exploits0References6
OSV
OSV
added 2019/03/23 11:0 a.m.7 views

OPENSUSE-SU-2019:0204-1 Security update for chromium

This update for Chromium to version 72.0.3626.96 fixes the following issues: Security issues fixed bsc1123641 and bsc1124936: - CVE-2019-5784: Inappropriate implementation in V8 - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8. ...

9.6CVSS7.7AI score0.12879EPSS
Exploits2References33
Kitploit
Kitploit
added 2019/03/22 8:22 p.m.225 views

SMS-Stack - Framework to provided TPC/IP based characteristics to the GSM Short Message Service

Sms Stack is a Framework to provided TPC/IP based characteristics to the GSM Short Message Service. This framework works in multiple environments to provided a full stack integration in a service. The main layer features techniques to control the order and the number of sms for a given stream, an...

7.2AI score
Exploits0References1
OSV
OSV
added 2019/03/21 4:1 p.m.6 views

CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...

5.5CVSS7.5AI score
Exploits0References25
Prion
Prion
added 2019/03/21 4:1 p.m.25 views

Design/Logic Flaw

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...

2.1CVSS6.1AI score0.00678EPSS
Exploits1References25Affected Software16
OSV
OSV
added 2019/03/21 4:0 p.m.16 views

CVE-2018-16789

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and taking the service down...

7.5CVSS6.6AI score
Exploits0References4
OSV
OSV
added 2019/03/21 9:40 a.m.4 views

SUSE-SU-2019:0678-1 Security update for openssl-1_1

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: - Fixed a segfault in...

7.4CVSS6.6AI score0.05701EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/03/21 12:0 a.m.43 views

CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...

5.5CVSS6.7AI score0.00678EPSS
Exploits1References9
CNVD
CNVD
added 2019/03/21 12:0 a.m.2 views

PuTTY memory overwrite vulnerability

PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms and an xterm terminal emulator. A memory overwrite vulnerability exists in PuTTY versions prior to 0.71. A remote attacker can exploit this vulnerability to overwrite memory...

7.5CVSS6.9AI score0.02447EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/03/18 12:0 a.m.51 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3910-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3910-1 advisory. It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflushmerge mount option correctly. An attacker could u...

6.7CVSS6.6AI score0.07291EPSS
Exploits6References6
Fedora
Fedora
added 2019/03/16 7:17 p.m.30 views

[SECURITY] Fedora 29 Update: advancecomp-2.1-9.fc29

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

7.8CVSS1.8AI score0.01424EPSS
Exploits1
Debian
Debian
added 2019/03/15 10:45 p.m.417 views

[SECURITY] [DLA 1715-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.144-3.1deb8u1 CVE ID : CVE-2017-18249 CVE-2018-1128 CVE-2018-1129 CVE-2018-3639 CVE-2018-5391 CVE-2018-5848 CVE-2018-6554 CVE-2018-12896 CVE-2018-13053 CVE-2018-13096 CVE-2018-13097 CVE-2018-13100 CVE-2018-13406 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612...

7.8CVSS7.3AI score0.60631EPSS
Exploits11
RedHat Linux
RedHat Linux
added 2019/03/13 2:4 p.m.106 views

Important: Red Hat Security Advisory: .NET Core on Red Hat Enterprise Linux security update for March 2019

Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...

6.5CVSS6.9AI score0.02696EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2019/03/12 12:0 a.m.25 views

Microsoft Internet Explorer CustomEvent Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5CVSS2.9AI score0.08261EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/03/07 12:0 a.m.70 views

Debian: Security Advisory (DSA-4403-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.09395EPSS
Exploits5References4
0day.today
0day.today
added 2019/03/02 12:0 a.m.74 views

Google Chrome < M72 - PaymentRequest Service Use-After-Free Exploit

Google Chrome M72 - PaymentRequest Service Use-After-Free Exploit There are several object-lifetime issues in the browser process in the implementation of payments.mojom.PaymentRequest. The PaymentRequest object contains a std::uniqueptr to a PaymentRequestSpec, which is initialised during the ca...

0.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/02/25 10:39 a.m.89 views

Moderate: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

6.5CVSS6.9AI score0.01573EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/02/25 10:39 a.m.6 views

chromium-browser: Inappropriate implementation in V8

Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.5AI score0.01573EPSS
Exploits0References5
Prion
Prion
added 2019/02/21 9:29 p.m.17 views

Command injection

In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow...

7.5CVSS9.5AI score0.01636EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2019/02/21 2:58 a.m.34 views

[SECURITY] Fedora 29 Update: createrepo_c-0.12.1-1.fc29

C implementation of Createrepo. A set of utilities createrepoc, mergerepoc, modifyrepoc for generating a common metadata repository from a directory of rpm packages and maintaining it...

9.3CVSS2.3AI score0.0571EPSS
Exploits0
Rows per page
Query Builder