9164 matches found

Tenable Nessus
added 2019/02/21 12:0 a.m. | 175 views

MongoDB 3.4.x < 3.4.10 / 3.5.x < 3.6.0-rc0 mongod

The version of the remote MongoDB server is 3.4.x prior to 3.4.10 / 3.5.x prior to 3.6.0-rc0. It is, therefore, affected by a denial of service vulnerability in mongod networkMessageCompressors due to an implementation error. A remote, unauthenticated attacker can exploit this to cause a denial ...

CVSS 9.1 | AI score 8.1 | EPSS 0.01567
Exploits: 0 | References: 3

Mageia
added 2019/02/20 11:50 p.m. | 67 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.100 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the...

CVSS 8.8 | EPSS 0.16523
Exploits: 10 | References: 23

NVD
added 2019/02/19 5:29 p.m. | 15 views

CVE-2019-5754

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...

CVSS 6.5 | AI score 6.9 | EPSS 0.00581
Exploits: 0 | References: 7

Prion
added 2019/02/19 5:29 p.m. | 14 views

Information disclosure

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...

CVSS 4.3 | AI score 7 | EPSS 0.00581
Exploits: 0 | References: 7 | Affected Software: 6

OSV
added 2019/02/19 5:29 p.m. | 6 views

CVE-2019-5754

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...

CVSS 6.5 | AI score 8.8
Exploits: 0 | References: 7

CVE
added 2019/02/19 5:0 p.m. | 274 views

CVE-2019-5754

CVE-2019-5754 affects Google Chrome’s QUIC networking implementation. Root cause: an implementation error in QUIC networking prior to version 72.0.3626.81. Consequence: an attacker who can cause the use of a proxy server can obtain cleartext of the transport encryption via a malicious network pro...

CVSS 6.5 | AI score 6.1 | EPSS 0.00581
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2019/02/19 5:0 p.m. | 18 views

CVE-2019-5754

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...

AI score 6.3 | EPSS 0.00581
Exploits: 0 | References: 7

Debian CVE
added 2019/02/19 5:0 p.m. | 20 views

CVE-2019-5754

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...

CVSS 6.5 | AI score 7.5 | EPSS 0.00581
Exploits: 0

OSV
added 2019/02/19 8:26 a.m. | 7 views

SUSE-SU-2019:0427-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Security issue fixed: - CVE-2018-5383: Fixed an implementation issue in Bluetooth where the elliptic curve parameters were not sufficiently validated during Diffie-Hellman key exchange bsc1104301...

CVSS 8 | AI score 7.9 | EPSS 0.00802
Exploits: 1 | References: 3

Tenable Nessus
added 2019/02/19 12:0 a.m. | 41 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2019:13962-1)

This update for kvm fixes the following issues : Security issues fixed : CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. CVE-2018-19489: Fixed a denial of service vulnerability in virtfs bsc1117275. CVE-2018-19364: Fixed a use-after-free if the...

CVSS 7.8 | AI score 6.5 | EPSS 0.00615
Exploits: 0 | References: 11

Tenable Nessus
added 2019/02/19 12:0 a.m. | 57 views

Debian DSA-4395-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-17481 A use-after-free issue was discovered in the pdfium library. - CVE-2019-5754 Klzgrad discovered an error in the QUIC networking implementation. - CVE-2019-5755 Jay Bosamiya discovered an implementation erro...

CVSS 9.6 | AI score 7.4 | EPSS 0.12879
Exploits: 2 | References: 63

OSV
added 2019/02/18 4:59 p.m. | 11 views

OPENSUSE-SU-2019:0206-1 Security update for chromium

This update for Chromium to version 72.0.3626.96 fixes the following issues: Security issues fixed bsc1123641 and bsc1124936: - CVE-2019-5784: Inappropriate implementation in V8 - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8. ...

CVSS 9.6 | AI score 7.7 | EPSS 0.12879
Exploits: 2 | References: 33

Fedora
added 2019/02/18 2:5 a.m. | 26 views

[SECURITY] Fedora 29 Update: python-markdown2-2.3.7-1.fc29

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

CVSS 6.1 | AI score 1.6 | EPSS 0.00812
Exploits: 0

Fedora
added 2019/02/18 1:27 a.m. | 29 views

[SECURITY] Fedora 28 Update: python-markdown2-2.3.7-1.fc28

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

CVSS 6.1 | AI score 1.6 | EPSS 0.00812
Exploits: 0

OSV
added 2019/02/13 2:29 p.m. | 13 views

CVE-2018-20164

An issue was discovered in regex.yaml aka regexes.yaml in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service ReDoS issue allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to a value containing a long digit string. The UAP-Core...

CVSS 5.3 | AI score 7.2
Exploits: 0 | References: 4

Exploit DB
added 2019/02/12 12:0 a.m. | 98 views

Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow

Unauthenticated Stack Overflow in Multiple Gpon Devices. Overview: Title:- StackOverflow in Multiple Skyworth GPON HomeGateways and Optical...

CVSS 10 | AI score 9.7 | EPSS 0.50523
Exploits: 5

Apache Tomcat
added 2019/02/08 12:0 a.m. | 82 views

Fixed in Apache Tomcat 8.5.38

Important: Denial of Service CVE-2019-0199 The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's...

CVSS 7.5 | AI score 6.7 | EPSS 0.72855
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2019/02/08 12:0 a.m. | 46 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3871-5)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-5 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An...

CVSS 8.8 | AI score 7.3 | EPSS 0.02914
Exploits: 7 | References: 14

OpenVAS
added 2019/02/08 12:0 a.m. | 106 views

Ubuntu: Security Advisory (USN-3871-5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.2 | EPSS 0.02914
Exploits: 7 | References: 2

Ubuntu
added 2019/02/07 10:4 p.m. | 110 views

USN-3878-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

CVSS 8.8 | AI score 6.2 | EPSS 0.00477
Exploits: 0