236 matches found

Tenable Nessus
added 2017/04/24 12:0 a.m., 52 views

Mozilla Firefox ESR < 45.9

The version of Firefox ESR installed on the remote Windows host is prior to 45.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-11 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...

9.8 CVSS, 7.9 AI score, 0.18756 EPSS
Exploits 20, References 26

Tenable Nessus
added 2017/04/24 12:0 a.m., 79 views

Mozilla Firefox ESR < 52.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-12 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...

9.8 CVSS, 7.6 AI score, 0.18756 EPSS
Exploits 24, References 34

RedHat Linux
added 2017/04/21 12:49 a.m., 4 views

libevent: Stack-buffer overflow in the name_parse() function

A vulnerability was found in libevent with the parsing of DNS requests and replies. An attacker could send a forged DNS response to an application using libevent which could lead to reading data out of bounds on the heap, potentially disclosing a small amount of application memory...

9.8 CVSS, 7.3 AI score, 0.06681 EPSS
Exploits 1, References 4

RedHat Linux
added 2017/04/21 12:49 a.m., 4 views

libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()

A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash...

7.5 CVSS, 7.3 AI score, 0.05208 EPSS
Exploits 1, References 4

RedHat Linux
added 2017/04/21 12:49 a.m., 5 views

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the search_make_new function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...

7.5 CVSS, 7.3 AI score, 0.05192 EPSS
Exploits 1, References 4

Tenable Nessus
added 2017/04/21 12:0 a.m., 63 views

RHEL 7 : firefox (RHSA-2017:1106)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:1106 advisory. Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fixes: Multiple flaws were found...

9.8 CVSS, 8 AI score, 0.18756 EPSS
Exploits 26, References 68

Tenable Nessus
added 2017/04/21 12:0 a.m., 37 views

FreeBSD : libevent -- multiple vulnerabilities (b8ee7a81-a879-4358-9b30-7dd1bd4c14b1)

Debian Security reports: CVE-2016-10195: The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. CVE-2016-10196: Stack-based buffer overflow in the...

9.8 CVSS, 8.4 AI score, 0.06681 EPSS
Exploits 3, References 9

RedHat Linux
added 2017/04/20 8:21 a.m., 13 views

libevent: Stack-buffer overflow in the name_parse() function

A vulnerability was found in libevent with the parsing of DNS requests and replies. An attacker could send a forged DNS response to an application using libevent which could lead to reading data out of bounds on the heap, potentially disclosing a small amount of application memory...

9.8 CVSS, 7.3 AI score, 0.06681 EPSS
Exploits 1, References 4

RedHat Linux
added 2017/04/20 8:21 a.m., 4 views

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the search_make_new function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...

7.5 CVSS, 7.3 AI score, 0.05192 EPSS
Exploits 1, References 4

RedHat Linux
added 2017/04/20 8:21 a.m., 7 views

libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()

A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash...

7.5 CVSS, 7.3 AI score, 0.05208 EPSS
Exploits 1, References 4

ALT Linux
added 2017/04/20 12:0 a.m., 35 views

Security fix for the ALT Linux 10 package firefox-esr version 45.9.0-alt1

April 20, 2017 Andrey Cherepanov 45.9.0-alt1 - New ESR version - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, + CVE-2017-5462: DRBG flaw in NSS + CVE-2017-5445: Uninitialized values used while parsing + CVE-2017-5469: Potential Buffer overflow in...

7.5 CVSS, 10.3 AI score, 0.18756 EPSS
Exploits 19

Mozilla
added 2017/04/19 12:0 a.m., 528 views

Security vulnerabilities fixed in Firefox ESR 45.9 — Mozilla

A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. A use-after-free vulnerability occurs during transaction processing in t...

9.8 CVSS, 1.6 AI score, 0.08767 EPSS
Exploits 4, References 28, Affected Software 1

Cloud Foundry
added 2017/03/31 12:0 a.m., 41 views

USN-3228-1: libevent vulnerabilities | Cloud Foundry

Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 14.04. Description: Guido Vranken discovered that libevent incorrectly handled memory when processing certain data. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of...

9.8 CVSS, 9.3 AI score, 0.06681 EPSS
Exploits 3

Kitploit
added 2017/03/16 2:11 p.m., 114 views

SSLsplit - transparent SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a...

7.1 AI score
Exploits 0, References 1

OSV
added 2017/03/15 3:59 p.m., 4 views

ALPINE-CVE-2016-10195

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read...

9.8 CVSS, 9.3 AI score, 0.06681 EPSS
Exploits 1, References 1

OSV
added 2017/03/15 3:59 p.m., 4 views

ALPINE-CVE-2016-10196

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument...

7.5 CVSS, 8.9 AI score, 0.05208 EPSS
Exploits 1, References 1

NVD
added 2017/03/15 3:59 p.m., 23 views

CVE-2016-10195

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read...

9.8 CVSS, 9.6 AI score, 0.06681 EPSS
Exploits 1, References 12

OSV
added 2017/03/15 3:59 p.m., 1 views

DEBIAN-CVE-2016-10195

The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read...

9.8 CVSS, 8.8 AI score, 0.06681 EPSS
Exploits 1, References 1

OSV
added 2017/03/15 3:59 p.m., 29 views

CVE-2016-10197

The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname...

7.5 CVSS, 6.5 AI score
Exploits 0, References 12

OSV
added 2017/03/15 3:59 p.m., 2 views

DEBIAN-CVE-2016-10196

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument...

7.5 CVSS, 8.4 AI score, 0.05208 EPSS
Exploits 1, References 1