
723 matches found

Kitploit
added 2019/04/29 9:34 p.m. | 97 views

ScanQLi - Scanner To Detect SQL Injection Vulnerabilities

ScanQLi is a simple SQL injection scanner with some additional features. This tool can't exploit the SQLi, it just detects them. Tested on Debian 9. Features: Classic, Blind, Time based, GBK (soon); Recursive scan (follow all hrefs of the scanned web site); Cookies integration; Adjustable wait delay between...

8.4 AI score
Exploits: 0 | References: 1

Tenable Nessus
added 2019/04/16 12:0 a.m. | 29 views

GLSA-201904-14 : GnuTLS: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201904-14 GnuTLS: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact : Please review the CVE identifiers referenced below for...

7.5 CVSS | 6.7 AI score | 0.58969 EPSS
Exploits: 2 | References: 3

Tenable Nessus
added 2019/04/16 12:0 a.m. | 34 views

GLSA-201904-15 : libTIFF: Denial of service

The remote host is affected by the vulnerability described in GLSA-201904-15 libTIFF: Denial of service Please review the CVE identifier referenced below for details. Impact : Please review the CVE identifier referenced below for details. Workaround : There is no known workaround at this time. C...

8.8 CVSS | 6.5 AI score | 0.1496 EPSS
Exploits: 3 | References: 2

Gentoo Linux
added 2019/04/15 12:0 a.m. | 66 views

libTIFF: Denial of service

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Please review the CVE identifier referenced below for details. Impact Please review the...

8.8 CVSS | 2.7 AI score | 0.1496 EPSS
Exploits: 3

Fedora
added 2019/03/29 7:41 p.m. | 39 views

[SECURITY] Fedora 30 Update: python3-3.7.2-8.fc30

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

9.8 CVSS | 2.1 AI score | 0.08811 EPSS
Exploits: 0

Tenable Nessus
added 2019/03/28 12:0 a.m. | 30 views

GLSA-201903-22 : ZeroMQ: Code execution

The remote host is affected by the vulnerability described in GLSA-201903-22 ZeroMQ: Code execution Please reference the CVE for details. Impact : Please reference the CVE for details. Workaround : There is no known workaround at this time. (C) Tenable Network Security, Inc. The descriptive text an...

9 CVSS | 7.6 AI score | 0.09444 EPSS
Exploits: 2 | References: 2

AlpineLinux
added 2019/03/20 8:0 p.m. | 45 views

CVE-2019-3832

It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash...

5.5 CVSS | 6.3 AI score | 0.0051 EPSS
Exploits: 1

Gentoo Linux
added 2019/03/14 12:0 a.m. | 147 views

GNU C Library: Arbitrary descriptor allocation

Background The GNU C library is the standard C library used by Gentoo Linux systems. Description A vulnerability was discovered in the GNU C Library functions xdr_bytes and xdr_string. Impact A remote attacker, by sending a crafted UDP packet, could cause a Denial of Service condition. Workaround...

7.5 CVSS | 2.4 AI score | 0.05532 EPSS
Exploits: 1

Tenable Nessus
added 2019/03/14 12:0 a.m. | 34 views

GLSA-201903-12 : WebkitGTK+: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201903-12 WebkitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : An attacker could execute arbitrary code or conduct...

8.8 CVSS | 8.2 AI score | 0.09755 EPSS
Exploits: 3 | References: 10

Gentoo Linux
added 2019/03/14 12:0 a.m. | 173 views

OpenSSL: Multiple vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

5.9 CVSS | 6.8 AI score | 0.17139 EPSS
Exploits: 4

Gentoo Linux
added 2019/03/14 12:0 a.m. | 148 views

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

8.8 CVSS | 2.5 AI score | 0.09755 EPSS
Exploits: 3

IBM Security Bulletins
added 2019/01/31 2:25 a.m. | 34 views

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libs

Summary IBM Dynamic System Analysis (DSA) Preboot has addressed the following vulnerabilities in X.Org libs. Vulnerability Details CVEID: CVE-2016-7953 Description: X.Org...

9.8 CVSS | 1.1 AI score | 0.03629 EPSS
Exploits: 0

Tenable Nessus
added 2019/01/30 12:0 a.m. | 56 views

RHEL 7 : systemd (RHSA-2019:0204)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0204 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides...

7.8 CVSS | 7.2 AI score | 0.02958 EPSS
Exploits: 3 | References: 6

Fedora
added 2019/01/24 4:34 a.m. | 44 views

[SECURITY] Fedora 29 Update: python3-3.7.2-4.fc29

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

7.5 CVSS | 2.1 AI score | 0.20743 EPSS
Exploits: 1

NVD
added 2018/12/20 3:29 p.m. | 11 views

CVE-2018-1000814

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appears to be exploitable via Recreation of a cookie post-expiry with the same value...

6.5 CVSS | 6.4 AI score | 0.00965 EPSS
Exploits: 1 | References: 2

OSV
added 2018/12/20 3:29 p.m. | 16 views

CVE-2018-1000814

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appears to be exploitable via Recreation of a cookie post-expiry with the same value...

6.5 CVSS | 6.4 AI score
Exploits: 0 | References: 2

CVE
added 2018/12/20 3:0 p.m. | 75 views

CVE-2018-1000814

CVE-2018-1000814 affects aiohttp-session versions 2.6.0 and earlier. The vulnerability lies in EncryptedCookieStorage and NaClCookieStorage, allowing non-expiring (infinite) sessions. Exploitation described as recreation of a cookie post-expiry with the same value; no explicit fixes are provided ...

6.5 CVSS | 6.3 AI score | 0.00965 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Tenable Nessus
added 2018/12/03 12:0 a.m. | 48 views

GLSA-201812-04 : WebkitGTK+: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201812-04 WebkitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary commands or...

8.8 CVSS | 7.6 AI score | 0.10593 EPSS
Exploits: 18 | References: 25

Gentoo Linux
added 2018/12/02 12:0 a.m. | 66 views

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...

8.8 CVSS | 4 AI score | 0.10593 EPSS
Exploits: 18

Tenable Nessus
added 2018/11/27 12:0 a.m. | 33 views

Scientific Linux Security Update : krb5 on SL7.x x86_64 (20181030)

Security Fixes : - krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data (CVE-2018-5729) - krb5: DN container check bypass by supplying special crafted data (CVE-2018-5730) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux...

6.5 CVSS | 6.1 AI score | 0.026 EPSS
Exploits: 0 | References: 3