Lucene search
K

72 matches found

OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1211)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.3AI score0.07528EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for libXpm, libXdmcp, libICE (EulerOS-SA-2017-1212)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.3AI score0.07528EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2019/11/26 12:0 a.m.24 views

Debian: Security Advisory (DLA-2002-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00464EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2019/11/25 12:0 a.m.48 views

Debian DLA-2002-1 : libice security update

It has been found, that libice, an X11 Inter-Client Exchange library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 'Jessie', this problem has been fixed in version 2:1.0.9-1+deb8u1. We recommend that you upgrade your libice packages. NOT...

5.5CVSS6.1AI score0.00464EPSS
Exploits2References3
Debian
Debian
added 2019/11/23 7:4 p.m.98 views

[SECURITY] [DLA 2002-1] libice security update

Package : libice Version : 2:1.0.9-1+deb8u1 CVE ID : CVE-2017-2626 It has been found, that libice, an X11 Inter-Client Exchange library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 "Jessie", this problem has been fixed in version...

5.5CVSS5.6AI score0.00464EPSS
Exploits2
OSV
OSV
added 2019/11/23 12:0 a.m.31 views

DLA-2002-1 libice - security update

Bulletin has no description...

5.5CVSS5.6AI score0.00464EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.29 views

Security Bulletin: Vulnerability in X.Org libICE affects IBM Chassis Management Module (CVE-2017-2626)

Summary IBM Chassis Management Module has addressed the following vulnerability in X.Org libICE. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerability in X.Org libICE. Vulnerability Details: CVEID: CVE-2017-2626 Description: X.Org libICE could allow...

5.5CVSS0.4AI score0.00464EPSS
Exploits2
Prion
Prion
added 2018/07/27 7:29 p.m.21 views

Session fixation

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

2.1CVSS5.2AI score0.00464EPSS
Exploits2References9Affected Software6
NVD
NVD
added 2018/07/27 7:29 p.m.16 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS5.3AI score0.00464EPSS
Exploits2References9
UbuntuCve
UbuntuCve
added 2018/07/27 7:29 p.m.23 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS6.4AI score0.00464EPSS
Exploits2References5
OSV
OSV
added 2018/07/27 7:29 p.m.5 views

UBUNTU-CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS6.4AI score0.00464EPSS
Exploits2References6
OSV
OSV
added 2018/07/27 7:29 p.m.28 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS2AI score0.00464EPSS
Exploits2References9
OSV
OSV
added 2018/07/27 7:29 p.m.2 views

ALPINE-CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS6.5AI score0.00464EPSS
Exploits2References1
CVE
CVE
added 2018/07/27 7:0 p.m.218 views

CVE-2017-2626

Summary: CVE-2017-2626 affects X.Org libICE, where libICE before 1.0.9-8 uses weak entropy to generate session keys. This could enable a local attacker to hijack a session by observing data from the process list. Affected versions (from sources): libICE up to 1.0.9-8 (X.Org libICE). Some advisori...

5.5CVSS5.3AI score0.00464EPSS
Exploits2References9Affected Software1
Cvelist
Cvelist
added 2018/07/27 7:0 p.m.22 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.2CVSS5.4AI score0.00464EPSS
Exploits2References9
AlpineLinux
AlpineLinux
added 2018/07/27 7:0 p.m.53 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS5.6AI score0.00464EPSS
Exploits2
Debian CVE
Debian CVE
added 2018/07/27 7:0 p.m.22 views

CVE-2017-2626

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

5.5CVSS5.5AI score0.00464EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/09 5:47 a.m.38 views

Security Bulletin: Vulnerabilities in libXpm, libXdmcp, and libICE affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in libXpm, libXdmcp, and libICE . IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow bug in the AVX2...

6.5CVSS0.5AI score0.83645EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/02/02 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : libICE (SUSE-SU-2018:0337-1)

This update for libICE fixes the following issues : - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068 Note that Tenable Network Security has extracted the...

5.5CVSS6.3AI score0.00464EPSS
Exploits2References4
OSV
OSV
added 2018/02/01 11:39 a.m.10 views

SUSE-SU-2018:0337-1 Security update for libICE

This update for libICE fixes the following issues: - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068...

5.5CVSS5.8AI score0.00464EPSS
Exploits2References3
Rows per page
Query Builder