Lucene search
+L

4554 matches found

Tenable Nessus
Tenable Nessus
added 2015/04/13 12:0 a.m.31 views

Mandriva Linux Security Advisory : batik (MDVSA-2015:203)

Updated batik packages fix security vulnerability : Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary...

6.4CVSS8.2AI score0.16564EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/04/10 12:0 a.m.30 views

Mandriva Linux Security Advisory : less (MDVSA-2015:199)

Updated less package fixes security vulnerability : Malformed UTF-8 data could have caused an out of bounds read in the UTF-8 decoding routines, causing an invalid read access CVE-2014-9488. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

10CVSS5.3AI score0.04017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/08 12:0 a.m.26 views

Mandriva Linux Security Advisory : cups-filters (MDVSA-2015:196)

Updated cups-filters package fixes security vulnerability : cups-browsed in cups-filters before 1.0.66 contained a bug in the removebadchars\ function, where it failed to reliably filter out illegal characters if there were two or more subsequent illegal characters, allowing execution of arbitrar...

7.5CVSS7.6AI score0.02958EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.31 views

Mandriva Linux Security Advisory : flac (MDVSA-2015:188)

Multiple vulnerabilities has been discovered and corrected in flac : Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file CVE-2014-9028. Stack-based buffer overflow in streamdecoder.c in libFLAC before 1.3...

7.5CVSS6.3AI score0.0986EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.21 views

Mandriva Linux Security Advisory : graphviz (MDVSA-2015:187)

Updated graphviz packages fix security vulnerability : Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string...

7.5CVSS7.1AI score0.05569EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.31 views

Mandriva Linux Security Advisory : subversion (MDVSA-2015:192)

Multiple vulnerabilities has been discovered and corrected in subversion : Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests CVE-2015-0202. Subversion moddavsvn and svnserve are vulnerable to a remotely...

7.8CVSS8.1AI score0.12841EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.10 views

Mandriva Linux Security Advisory : tor (MDVSA-2015:189)

Updated tor packages fix security vulnerabilities : The tor package has been updated to version 0.2.4.26, which fixes possible crashes that may be remotely trigger-able, which would result in a denial of service, and also fixes a few other bugs. See the release announcement for details...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/01 12:0 a.m.26 views

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2015:186)

A vulnerability has been discovered and corrected in phpmyadmin : libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with...

5CVSS8AI score0.03263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/01 12:0 a.m.40 views

Mandriva Linux Security Advisory : dokuwiki (MDVSA-2015:185)

Updated dokuwiki packages fix security vulnerabilities : inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call CVE-2014-8761. The ajaxmediadiff function in DokuWiki...

6.5CVSS5.7AI score0.02862EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/04/01 12:0 a.m.24 views

Mandriva Linux Security Advisory : erlang (MDVSA-2015:174)

Updated erlang packages fixes security vulnerability : An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP comman...

7.5CVSS8.6AI score0.02193EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.38 views

Mandriva Linux Security Advisory : tcpdump (MDVSA-2015:182)

Updated tcpdump package fixes security vulnerabilities : Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service application crash or, potentially, execution of arbitrary code CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155...

7.5CVSS8AI score0.19028EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.36 views

Mandriva Linux Security Advisory : gcc (MDVSA-2015:170)

Updated gcc packages fix the following security issue : Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code CVE-2014-5044. They also fix...

9.8CVSS8AI score0.05678EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.12 views

Mandriva Linux Security Advisory : setup (MDVSA-2015:184)

Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.29 views

Mandriva Linux Security Advisory : wireshark (MDVSA-2015:183)

Updated wireshark package fixes security vulnerabilies : The WCP dissector could crash CVE-2015-2188. The pcapng file parser could crash CVE-2015-2189. The TNEF dissector could go into an infinite loop CVE-2015-2191. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5CVSS5.8AI score0.046EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.32 views

Mandriva Linux Security Advisory : coreutils (MDVSA-2015:179)

Updated coreutils packages fix security vulnerability : Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An attacker could possibly use this to cause a denial of service or potentially execute code CVE-2014-9471. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS6.1AI score0.07087EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.30 views

Mandriva Linux Security Advisory : ctdb (MDVSA-2015:177)

Updated ctdb packages fix security vulnerability : ctdb before 2.5 is vulnerable to symlink attacks to due the use of predictable filenames in /tmp, such as /tmp/ctdb.socket CVE-2013-4159. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

7.5CVSS5.4AI score0.02371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.29 views

Mandriva Linux Security Advisory : dbus (MDVSA-2015:176)

Updated dbus packages fix multiple vulnerabilities : A denial of service vulnerability in D-Bus before 1.6.20 allows a local attacker to cause a bus-activated service that is not currently running to attempt to start, and fail, denying other users access to this service Additionally, in highly...

4.4CVSS7.1AI score0.00594EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.22 views

Mandriva Linux Security Advisory : firebird (MDVSA-2015:172)

Updated firebird packages fix a remote denial of service vulnerability : These update fix the recently discovered security vulnerability CORE-4630 that may be used for a remote DoS attack performed by unauthorized users CVE-2014-9492. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.22 views

Mandriva Linux Security Advisory : ejabberd (MDVSA-2015:175)

Updated ejabberd packages fix security vulnerability : A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttlsrequired is set CVE-2014-8760. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS5.4AI score0.01314EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.27 views

Mandriva Linux Security Advisory : ctags (MDVSA-2015:178)

Updated ctags package fixes security vulnerability : A denial of service issue was discovered in ctags 5.8. A remote attacker could cause excessive CPU usage and disk space consumption via a crafted JavaScript file by triggering an infinite loop CVE-2014-7204. %NASLMINLEVEL 70300 C Tenable Networ...

5CVSS5.3AI score0.04276EPSS
Exploits1References2
Rows per page
Query Builder