Lucene search
K

4336 matches found

Tenable Nessus
Tenable Nessus
added 2015/12/17 12:0 a.m.29 views

WordPress < 4.2.4 Multiple Vulnerabilities

Binary data 9031.prm...

7.5CVSS6.5AI score0.10986EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/12/15 12:0 a.m.58 views

Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2617 advisory. - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - rac...

7.5CVSS7.7AI score0.9986EPSS
Exploits4References4
Oracle linux
Oracle linux
added 2015/12/14 12:0 a.m.140 views

openssl security update

1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...

7.5CVSS1AI score0.9986EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.51 views

Oracle Linux 7 : openssh (ELSA-2015-2088)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2088 advisory. - Security fixes released with openssh-6.9 CVE-2015-5352 1247864 - XSECURITY restrictions bypass under certain conditions in ssh1 1238231 - weakness of...

8.5CVSS6.7AI score0.09302EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2015/11/23 12:0 a.m.67 views

openssh security, bug fix, and enhancement update

6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...

8.5CVSS0.2AI score0.09302EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2015/10/30 9:51 a.m.21 views

CVE-2012-3452

gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation...

3.3CVSS7.3AI score0.00338EPSS
Exploits0References2
exploitpack
exploitpack
added 2015/10/28 12:0 a.m.10 views

Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Samsung fimg2d - FIMG2DBITBLTBLIT ioctl Concurrency Flaw Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.137 views

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiti...

10CVSS0.9AI score0.94859EPSS
Exploits57
The Hacker News
The Hacker News
added 2015/09/12 12:39 a.m.16 views

LockerPin Ransomware Resets PIN and Permanently Locks Your SmartPhones

Your device's lock screen PIN is believed to keep your phone's contents safe from others, but sadly not from a new piece of ransomware that is capable of hijacking safety of your Android devices. A group of security researchers has uncovered what is believed to be the first real example of malwar...

7.2AI score
Exploits0
NVD
NVD
added 2015/08/31 2:59 p.m.15 views

CVE-2015-6745

Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...

4.6CVSS6AI score0.0033EPSS
Exploits0References2
Prion
Prion
added 2015/08/31 2:59 p.m.15 views

Security feature bypass

Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...

4.6CVSS6.3AI score0.01121EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/08/31 2:59 p.m.17 views

Security feature bypass

Basware Banking Maksuliikenne before 8.90.07.X relies on the client to enforce 1 login verification, 2 audit trail creation, and 3 account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from...

4.3CVSS6.7AI score0.01121EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/08/31 2:8 p.m.22 views

CVE-2015-6745

Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...

6AI score0.0033EPSS
Exploits0References2
CVE
CVE
added 2015/08/31 2:8 p.m.44 views

CVE-2015-6745

Baseline affected software: Basware Banking (Maksuliikenne), version 8.90.07.X and earlier. Vulnerability: the product relies on the client to enforce account locking, enabling a local attacker to bypass the security mechanism by deleting entries in the locking list (or locking table). Root cause...

4.6CVSS6.2AI score0.0033EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/08/31 2:8 p.m.20 views

CVE-2015-6744

Basware Banking Maksuliikenne before 8.90.07.X relies on the client to enforce 1 login verification, 2 audit trail creation, and 3 account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from...

6.3AI score0.01121EPSS
Exploits0References2
Prion
Prion
added 2015/08/17 12:0 a.m.19 views

Race condition

Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error...

9.3CVSS7.3AI score0.07421EPSS
Exploits1References6Affected Software1
OpenVAS
OpenVAS
added 2015/08/11 12:0 a.m.43 views

Debian Security Advisory DSA 3332-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affect yo...

7.5CVSS0.1AI score0.10986EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.35 views

Fedora 22 : openssh-6.9p1-1.fc22 (2015-11063)

This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking ssh-add -x to password guessing more info in related bugs. It also provides new version of openssh-6.9 which is bringing many bugfixes and...

4.3CVSS6.4AI score0.05445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.48 views

Fedora 21 : openssh-6.6.1p1-13.fc21 (2015-11067)

This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking ssh-add -x to password guessing more info in related bugs. For more information see related bugs. Note that Tenable Network Security has...

4.3CVSS6.4AI score0.05445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.174 views

OpenSSH < 6.9 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is prior to 6.9. It is, therefore, affected by the following vulnerabilities : - A flaw exists within the x11openhelper function in the 'channels.c' file that allows connections to be permitted after 'ForwardX11Timeout' ha...

4.3CVSS6.4AI score0.05445EPSS
Exploits0References3
Rows per page
Query Builder