
5122 matches found

n0where
added 2017/09/12 4:30 a.m. | 156 views

Advanced Man In The Middle Framework: Xerosploit

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for penetration testing purposes. It brings various modules together that will help you perform very efficient attacks. You can also use it to perform denial of service attacks and port scanning. Powere...

AI score 7.7
Exploits: 0 | References: 1

OPENSUSE Linux
added 2017/09/08 6:31 p.m. | 48 views

Security update for postgresql94 (important)

This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 7.5 | AI score 2.4 | EPSS 0.61566
Exploits: 0 | References: 3

OPENSUSE Linux
added 2017/09/08 6:30 p.m. | 40 views

Security update for postgresql96 (important)

This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 7.5 | AI score 0.6 | EPSS 0.61566
Exploits: 0 | References: 3

OSV
added 2017/09/05 3:32 p.m. | 12 views

SUSE-SU-2017:2356-1 Security update for postgresql96

This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 9.8 | AI score 8.7 | EPSS 0.61566
Exploits: 0 | References: 7

OSV
added 2017/09/05 1:46 p.m. | 6 views

SUSE-SU-2017:2355-1 Security update for postgresql94

This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 9.8 | AI score 8.7 | EPSS 0.61566
Exploits: 0 | References: 7

OPENSUSE Linux
added 2017/08/31 3:6 a.m. | 70 views

Security update for postgresql93 (important)

Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 7.5 | AI score 0.3 | EPSS 0.61566
Exploits: 0 | References: 3

OSV
added 2017/08/28 8:14 a.m. | 13 views

MGASA-2017-0316 Updated postgresql9.3/4/6 packages fix security vulnerabilities

libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. When using libpq or a libpq-based connection driver to perform password-based authentication methods, it would appear that setting an empty password would be the...

CVSS 9.8 | AI score 8.6 | EPSS 0.61566
Exploits: 0 | References: 6

Cent OS
added 2017/08/24 1:40 a.m. | 58 views

postgresql security update

CentOS Errata and Security Advisory CESA-2017:1983. An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...

CVSS 7.5 | AI score 6.8 | EPSS 0.06331
Exploits: 0 | References: 7

OSV
added 2017/08/22 3:34 p.m. | 5 views

SUSE-SU-2017:2236-1 Security update for postgresql93

Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options (bsc#1051685). CVE-2017-7546: Disallow empty passwords in all password-based authentication methods (bsc#1051684)...

CVSS 9.8 | AI score 8.7 | EPSS 0.61566
Exploits: 0 | References: 7

OSV
added 2017/08/18 5:29 p.m. | 2 views

CVE-2017-12592

ASUS DSL-N10S V2.1.16APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges...

CVSS 8.8 | AI score 5.8 | EPSS 0.01088
Exploits: 1 | References: 1

Prion
added 2017/08/18 5:29 p.m. | 14 views

Privilege escalation

ASUS DSL-N10S V2.1.16APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges...

CVSS 6.5 | AI score 9.1 | EPSS 0.01088
Exploits: 1 | References: 1 | Affected Software: 1

Xen Project
added 2017/08/15 12:0 p.m. | 380 views

linux: Fix Xen block IO merge-ability calculation

ISSUE DESCRIPTION The block layer in Linux may choose to merge adjacent block IO requests. When Linux is running as a Xen guest, the default merging algorithm is replaced with a Xen-specific one. When Linux is running as an x86 PV guest, some BIO's are erroneously merged, corrupting the data stre...

CVSS 8.8 | AI score 0.3 | EPSS 0.00497
Exploits: 0

Tenable Nessus
added 2017/08/11 12:0 a.m. | 58 views

Debian DLA-1051-1 : postgresql-9.1 security update

Several vulnerabilities have been found in the PostgreSQL database system : CVE-2017-7486 Andrew Wheelwright discovered that user mappings were insufficiently restricted. CVE-2017-7546 In some authentication methods empty passwords were accepted. CVE-2017-7547 User mappings could leak data to...

CVSS 9.8 | AI score 7.2 | EPSS 0.61566
Exploits: 0 | References: 5

seebug.org
added 2017/08/04 12:0 a.m. | 111 views

VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP(CVE-2017-10129)

VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be circumvented to load arbitrary code inside a VirtualBox process givi...

CVSS 4.6 | AI score 8.5 | EPSS 0.01643
Exploits: 2

exploitpack
added 2017/08/03 12:0 a.m. | 27 views

VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation

VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1296 VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevatio...

AI score 7.4
Exploits: 0

RedHat Linux
added 2017/07/31 3:52 p.m. | 37 views

Moderate: Red Hat Security Advisory: rh-postgresql95-postgresql security update

An update for rh-postgresql95-postgresql is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CVSS 7.5 | AI score 6.7 | EPSS 0.06331
Exploits: 0 | References: 4

Veracode
added 2017/07/29 4:4 p.m. | 13 views

Denial Of Service (DoS) Through Resource Consumption

Moodle is vulnerable to denial of service (DoS) attacks. The script used when geo-mapping an IP address was accessible by attackers; by requesting the calculation of an estimated latitude and longitude for an IP, attackers are able to consume all the resources...

CVSS 5 | AI score 5.9 | EPSS 0.02427
Exploits: 0 | References: 4 | Affected Software: 1

The Hacker News
added 2017/07/26 4:26 a.m. | 10 views

Smart Vacuum Cleaners Making Map Of Your Home — And Wants to Sell It

What if I say that your cute, smart robotic vacuum cleaner is collecting data than just dirt? During an interview with Reuters, the CEO of iRobot, the company which manufactured Roomba device, has revealed that the robotic vacuum cleaner also builds a map of your home while cleaning — and is now...

AI score 6.5
Exploits: 0

Veeam
added 2017/07/26 12:0 a.m. | 18 views

One or More Networks Mapped to the same cloud network

Challenge A Replication job targeting Cloud Hosts completes with the following warning: One or more source networks were possibly mapped onto the same cloud network. Simultaneous partial failovers of VMs residing on those networks may result in issues. Cause This warning is displayed when the...

AI score 6.6
Exploits: 0 | Affected Software: 2

BDU FSTEC
added 2017/07/14 12:0 a.m. | 5 views

The vulnerability of Xen hypervisors allows a malicious actor to gain privileged access to the host.

The vulnerability of Xen hypervisors is related to insufficient checking of memory distribution during P2M operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileged access to the host from the guest operating system...

CVSS 10 | AI score 7.7 | EPSS 0.0367
Exploits: 0 | References: 4 | Affected Software: 1