Lucene search

9137 matches found

UbuntuCve
added 2014/11/10 12:0 a.m., 26 views

CVE-2014-7207

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap devic...

CVSS 4.9, AI score 7, EPSS 0.00376
Exploits 0, References 5

UbuntuCve
added 2014/11/10 12:0 a.m., 54 views

CVE-2014-3687

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...

CVSS 7.8, AI score 6.8, EPSS 0.08579
Exploits 1, References 9

Talos
added 2014/11/06 12:0 a.m., 31 views

Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability

Talos Vulnerability Report VRT-2014-0203 Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability November 6, 2014 CVE Number CVE-2014-3695 Description An exploitable denial of service vulnerability exists in Pidgin’s implementation of the Mxit protocol in the libpurple library. ...

CVSS 5, AI score 6.8, EPSS 0.02871
Exploits 0

Fedora
added 2014/11/01 5:15 p.m., 36 views

[SECURITY] Fedora 21 Update: wss4j-1.6.17-1.fc21

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services...

CVSS 5, AI score 2.4, EPSS 0.09224
Exploits 0

OpenVAS
added 2014/10/30 12:0 a.m., 22 views

Debian: Security Advisory (DSA-3061-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5, AI score 9.7, EPSS 0.04991
Exploits 0, References 3

Fedora
added 2014/10/28 6:45 a.m., 18 views

[SECURITY] Fedora 20 Update: python-oauth2-1.5.211-8.fc20

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

CVSS 5.8, AI score 6.6, EPSS 0.0243
Exploits 0

Tenable Nessus
added 2014/10/27 12:0 a.m., 43 views

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:209)

Multiple vulnerabilities have been discovered and corrected in java-1.7.0-openjdk: Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions (CVE-2014-6506,...

CVSS 6.8, AI score 7.2, EPSS 0.04102
Exploits 0, References 11

UbuntuCve
added 2014/10/24 12:0 a.m., 38 views

CVE-2014-3688

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c...

CVSS 5, AI score 6.8, EPSS 0.0585
Exploits 1, References 9

RedHat Linux
added 2014/10/23 5:1 p.m., 53 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) bas...

CVSS 7.1, AI score 6.5, EPSS 0.05794
Exploits 0, References 3

Tenable Nessus
added 2014/10/23 12:0 a.m., 52 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20141015)

Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was...

CVSS 6.8, AI score 7.3, EPSS 0.04102
Exploits 0, References 11

Tenable Nessus
added 2014/10/23 12:0 a.m., 40 views

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20141015)

Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was...

CVSS 6.8, AI score 7.3, EPSS 0.04102
Exploits 0, References 11

Fedora
added 2014/10/22 8:51 a.m., 15 views

[SECURITY] Fedora 20 Update: perl-Mojolicious-5.49-1.fc20

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

AI score 1.1
Exploits 0

Tenable Nessus
added 2014/10/22 12:0 a.m., 39 views

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

CVSS 7.8, AI score 7.3, EPSS 0.05794
Exploits 6, References 12

Tenable Nessus
added 2014/10/20 12:0 a.m., 46 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-431)

Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was...

CVSS 6.8, AI score 7.3, EPSS 0.04102
Exploits 0, References 11

Tenable Nessus
added 2014/10/20 12:0 a.m., 43 views

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2014-432)

It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-6562) Multiple flaws were discover...

CVSS 9.3, AI score 7.3, EPSS 0.04783
Exploits 0, References 13

Tenable Nessus
added 2014/10/16 12:0 a.m., 54 views

CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2014:1634)

Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...

CVSS 6.8, AI score 7.3, EPSS 0.04102
Exploits 0, References 13

Packet Storm
added 2014/10/16 12:0 a.m., 24 views

IPy Blacklist Bypass

IPy is a Python "class and tools for handling of IPv4 and IPv6 addresses and networks" https://github.com/haypo/python-ipy. This library is sometimes used to implement blacklists forbidding internal, private or loopback addresses. Using octal encoding supported by urllib2, it is possible to bypas...

Exploits 0

Tenable Nessus
added 2014/10/16 12:0 a.m., 33 views

CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2014:1620)

Updated java-1.7.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...

CVSS 6.8, AI score 7.3, EPSS 0.04102
Exploits 0, References 12

Cent OS
added 2014/10/15 11:48 a.m., 75 views

java security update

CentOS Errata and Security Advisory CESA-2014:1634 Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability...

CVSS 6.8, AI score 6.7, EPSS 0.04102
Exploits 0, References 7

NVD
added 2014/10/15 10:55 a.m., 15 views

CVE-2014-1584

The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to...

CVSS 4.3, AI score 6.2, EPSS 0.02151
Exploits 0, References 13