Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2016/08/08 12:0 a.m.33 views

Debian DSA-3643-1 : kde4libs - security update

Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with '../' in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricke...

7.5CVSS7.1AI score0.04429EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/07/05 12:0 a.m.29 views

Debian DSA-3615-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS6.9AI score0.02776EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2016/05/18 12:0 a.m.47 views

Debian DSA-3582-1 : expat - security update

Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take advantage of this flaw to cause an application using the Expat libra...

9.8CVSS8.4AI score0.19069EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2016/05/17 12:0 a.m.26 views

Debian DSA-3579-1 : xerces-c - security update

Gustavo Grieco discovered an use-after-free vulnerability in xerces-c, a validating XML parser library for C++, due to not properly handling invalid characters in XML input documents in the DTDScanner. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

10CVSS8.3AI score0.06781EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.31 views

Debian DSA-3574-1 : libarchive - security update

Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zipreadmacmetadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked in...

8.8CVSS8.5AI score0.10284EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2016/05/11 12:0 a.m.30 views

Debian DSA-3572-1 : websvn - security update

Nitin Venkatesh discovered that websvn, a web viewer for Subversion repositories, is susceptible to cross-site scripting attacks via specially crafted file and directory names in repositories. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

6.1CVSS5.7AI score0.00857EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/06 12:0 a.m.24 views

Debian DSA-3568-1 : libtasn1-6 - security update

Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to manage ASN.1 structures, does not correctly handle certain malformed DER certificates. A remote attacker can take advantage of this flaw to cause an application using the Libtasn1 library to hang, resulting in a denial of service...

5.9CVSS6.5AI score0.29572EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/06 12:0 a.m.23 views

Debian DSA-3569-1 : openafs - security update

Two vulnerabilities were discovered in openafs, an implementation of the distributed filesystem AFS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-8312 Potential denial of service caused by a bug in the pioctl logic allowing a local user to overru...

7.8CVSS6.9AI score0.01501EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/05/03 12:0 a.m.29 views

Debian DSA-3563-1 : poppler - security update

It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

9.3CVSS7.6AI score0.04557EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.22 views

Debian DSA-3546-1 : optipng - security update

Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

9.3CVSS7.6AI score0.05383EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2016/04/01 12:0 a.m.27 views

Debian DSA-3535-1 : kamailio - security update

Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy which might result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3535. The text...

10CVSS9AI score0.30518EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2016/03/11 12:0 a.m.30 views

Debian DSA-3513-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1643 cloudfuzzer discovered a type confusion issue in Blink/Webkit. - CVE-2016-1644 Atte Kettunen discovered a use-after-free issue in Blink/Webkit. - CVE-2016-1645 An out-of-bounds write issue was discovered in...

9.3CVSS8.2AI score0.02749EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2016/01/12 12:0 a.m.37 views

Debian DSA-3441-1 : perl - security update

David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...

7.5CVSS7.4AI score0.03124EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/12/16 12:0 a.m.37 views

Debian DSA-3420-1 : bind9 - security update

It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently...

5CVSS6.9AI score0.5469EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/11/30 12:0 a.m.32 views

Debian DSA-3405-1 : smokeping - security update

Tero Marttila discovered that the Debian packaging for smokeping installed it in such a way that the CGI implementation of Apache httpd modcgi passed additional arguments to the smokepingcgi program, potentially leading to arbitrary code execution in response to crafted HTTP requests. %NASLMINLEV...

7.5CVSS6.2AI score0.02326EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.32 views

Debian DSA-3367-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

4.3CVSS6AI score0.03241EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2015/05/07 12:0 a.m.55 views

Debian DSA-3252-1 : sqlite3 - security update

Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-325...

7.5CVSS7.4AI score0.05531EPSS
Exploits0References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

TANne 0.6.17 Session Manager SysLog Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6553/info TANne is a freely available, open source session management package. It is available for Unix and Linux operating systems. Due to programming error, it may be possible to exploit a format string vulnerability. A...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/11/12 12:0 a.m.26 views

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2009/04/21 12:0 a.m.76 views

CUPS '_cupsImageReadTIFF()'整数溢出漏洞

BUGTRAQ ID: 34571 CVE ID:CVE-2009-0163 CNCVE ID:CNCVE-20090163 Common Unix Printing SystemCUPS是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。 CUPS处理TIFF图像存在整数溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。...

6.8CVSS1.1AI score0.04246EPSS
Exploits2
Rows per page
Query Builder