Lucene search
+L

72 matches found

NVD
NVD
added 2018/11/12 4:29 p.m.30 views

CVE-2018-19204

PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport' is mishandled. The attacker can...

9CVSS8.8AI score0.0464EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/10/24 12:0 a.m.50 views

Debian: Security Advisory (DSA-4328-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.2704EPSS
Exploits39References4
OSV
OSV
added 2018/09/13 8:38 p.m.5 views

MGASA-2018-0371 Updated ntp packages fix security vulnerability

Updated ntp packages fix security vulnerability: Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter CVE-2018-12327...

9.8CVSS9.9AI score0.29037EPSS
Exploits5References3
NVD
NVD
added 2018/09/13 4:29 p.m.18 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.7AI score0.00448EPSS
Exploits2References1
Prion
Prion
added 2018/09/13 4:29 p.m.16 views

Stack overflow

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

4.6CVSS7.6AI score0.00448EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/09/13 4:29 p.m.9 views

Stack overflow

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

4.6CVSS7.4AI score0.00448EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2018/09/13 4:29 p.m.5 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.7AI score
Exploits0References1
OSV
OSV
added 2018/09/13 4:29 p.m.3 views

UBUNTU-CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7AI score0.00448EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.1 views

DEBIAN-CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.5AI score0.00448EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2018/09/13 4:0 p.m.44 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.7AI score0.00448EPSS
Exploits2
Cvelist
Cvelist
added 2018/09/13 4:0 p.m.24 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.6AI score0.00448EPSS
Exploits2References1
OSV
OSV
added 2018/06/20 2:29 p.m.5 views

CVE-2018-12327

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...

9.8CVSS9.9AI score
Exploits0References9
Debian CVE
Debian CVE
added 2018/06/20 2:0 p.m.29 views

CVE-2018-12327

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...

9.8CVSS10AI score0.29037EPSS
Exploits5
Cvelist
Cvelist
added 2018/06/20 2:0 p.m.30 views

CVE-2018-12327

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...

8.1AI score0.29037EPSS
Exploits5References9
OSV
OSV
added 2017/01/27 10:59 p.m.6 views

ALPINE-CVE-2016-9634

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via the startline parameter...

9.8CVSS8.3AI score0.09267EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.30 views

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015 Summary This security update helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability, an attacker would first hav...

6.1AI score
Exploits0
CNVD
CNVD
added 2016/11/28 12:0 a.m.5 views

GStreamer Good Plug-ins start_line parameter write buffer overflow vulnerability

GStreamer is a multimedia framework for creating streaming applications in the GNOME desktop environment. A buffer overflow vulnerability exists in GStreamer Good Plug-ins. An attacker could exploit the vulnerability to execute arbitrary code in the context of a user running the affected...

9.8CVSS7.9AI score0.09267EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/10/19 2:59 p.m.5 views

rhscon-ceph: password leak by command line parameter

A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password...

7.8CVSS5.7AI score0.00372EPSS
Exploits0References4
FireEye
FireEye
added 2016/06/24 5:30 p.m.12 views

Locky is Back Asking for Unpaid Debts

On June 21, 2016, FireEye’s Dynamic Threat Intelligence DTI identified an increase in JavaScript contained within spam emails. FireEye analysts determined the increase was the result of a new Locky ransomware spam campaign. As shown in Figure 1, Locky spam activity was uninterrupted until June 1,...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2015/08/15 12:0 a.m.33 views

CVE-2015-2423

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2,...

6.2AI score0.19851EPSS
Exploits0References6
Rows per page
Query Builder