Lucene search

5118 matches found

RedHat Linux
added 2015/02/11 8:18 p.m. | 2 views

Security: Wrong security context loaded when using SAML2 STS Login Module

It was found that when processing undefined security domains, the org.jboss.security.plugins.mapping.JBossMappingManager implementation would fall back to the default security domain if it was available. A user with valid credentials in the defined default domain, with a role that is valid in the...

CVSS 3.5 | AI score 5.7 | EPSS 0.01739
Exploits 0 | References 4
RedHat Linux
added 2015/02/11 8:16 p.m. | 3 views

Security: Wrong security context loaded when using SAML2 STS Login Module

It was found that when processing undefined security domains, the org.jboss.security.plugins.mapping.JBossMappingManager implementation would fall back to the default security domain if it was available. A user with valid credentials in the defined default domain, with a role that is valid in the...

CVSS 3.5 | AI score 5.7 | EPSS 0.01739
Exploits 0 | References 4
RedHat Linux
added 2015/01/28 7:2 p.m. | 4 views

Kernel: mm/shmem: denial of service

A race condition flaw was found in the way the Linux kernel's mmap(2), madvise(2), and fallocate(2) system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service...

CVSS 4.7 | AI score 6.6 | EPSS 0.0044
Exploits 0 | References 4
securityvulns
added 2014/12/11 12:0 a.m. | 89 views

[SECURITY] [DSA 3093-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3093-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 08, 2014 http://www.debian.org/security/faq -...

CVSS 6.1 | AI score 0.9 | EPSS 0.0523
Exploits 2
Tenable Nessus
added 2014/12/09 12:0 a.m. | 48 views

Debian DSA-3093-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation : - CVE-2014-7841 Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will panic on malformed INIT chunks by triggering a NULL pointer dereference. - CVE-2014-83...

CVSS 7.8 | AI score 7.1 | EPSS 0.0523
Exploits 2 | References 9
OpenVAS
added 2014/12/08 12:0 a.m. | 63 views

Debian Security Advisory DSA 3093-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-7841 Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will panic on malformed INIT chunks by triggering a NULL pointer dereference. CVE-2014-8369 A...

CVSS 6.1 | AI score 0.4 | EPSS 0.0523
Exploits 2 | References 1
Nmap
added 2014/12/03 4:2 p.m. | 128 views

targets-ipv6-map4to6 NSE Script

This script runs in the pre-scanning phase to map IPv4 addresses onto IPv6 networks and add them to the scan queue. The technique is more general than what is technically termed "IPv4-mapped IPv6 addresses." The lower 4 bytes of the IPv6 network address are replaced with the 4 bytes of IPv4...

CVSS 10 | AI score 9.3 | EPSS 0.99448
Exploits 33
Kitploit
added 2014/12/01 10:18 p.m. | 25 views

Samurai Web Testing Framework 3.0 - LiveCD Web Pen-testing Environment

The Samurai project team is happy to announce the release of a development version of the Samurai Web Testing Framework. This release is currently a fully functional linux environment that has a number of the tools pre-installed. Our hope is that people who are interested in making this the best...

AI score 7
Exploits 0
OSV
added 2014/11/22 10:54 a.m. | 43 views

MGASA-2014-0483 Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts, although this is unlikely on modern browsers and on most Moodle pages (MSA-14-0035). In Moodle before 2.6.5, an XSS issue through $searchcourse in...

CVSS 7.5 | AI score 5.9 | EPSS 0.02427
Exploits 0 | References 18
Hacker One
added 2014/11/14 5:30 a.m. | 36 views

Factlink: File name/folder enumeration.

Hello, an attacker may be able to map your server and find configuration file names by the following method: Valid attempt Not found: https://staging.factlink.com/%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd Invalid attempt 404...

AI score 0.6
Exploits 0
n0where
added 2014/11/10 7:1 p.m. | 34 views

How To Setup Postfix

Postfix is a very popular open source Mail Transfer Agent (MTA) that can be used to route and deliver email on a Linux system. It is estimated that around 25% of public mail servers on the internet run Postfix. In this guide, we’ll teach you how to get up and running quickly wi...

AI score 6.9
Exploits 0
OSV
added 2014/11/10 11:55 a.m. | 2 views

DEBIAN-CVE-2014-8369

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging...

CVSS 7.8 | AI score 8.2 | EPSS 0.00565
Exploits 1 | References 1
ATTACKERKB
added 2014/11/10 11:55 a.m. | 6 views

CVE-2014-8369

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging...

CVSS 7.8 | AI score 7.5 | EPSS 0.01168
Exploits 2 | References 16
Debian CVE
added 2014/11/10 11:0 a.m. | 35 views

CVE-2014-8369

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging...

CVSS 7.8 | AI score 7.3 | EPSS 0.00565
Exploits 1
OSV
added 2014/11/10 12:0 a.m. | 2 views

UBUNTU-CVE-2014-8369

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging...

CVSS 7.8 | AI score 6.8 | EPSS 0.00565
Exploits 1 | References 9
Tenable Nessus
added 2014/11/04 12:0 a.m. | 37 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141014)

A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) An integer overflow flaw wa...

CVSS 7.8 | AI score 7.2 | EPSS 0.05794
Exploits 5 | References 12
ThreatPost
added 2014/10/23 4:23 p.m. | 24 views

NAT-PMP Security Vulnerability Affects 1.2M Routers

Vulnerabilities in embedded devices, in particular small office and home office routers, have been relentless. Another serious issue was discovered this week that affects more than 1.2 million such devices due to improper NAT-PMP protocol implementations, most of which run counter to the...

AI score 0.1
Exploits 0 | References 2
CERT
added 2014/10/23 12:0 a.m. | 17 views

Incorrect implementation of NAT-PMP in multiple devices

Overview Many NAT-PMP devices are incorrectly configured, allowing them to field requests received on external network interfaces or map forwarding routes to addresses other than that of the requesting host, making them potentially vulnerable to information disclosure and malicious port mapping...

AI score 7.2
Exploits 0 | References 5
RedHat Linux
added 2014/10/13 9:28 p.m. | 4 views

kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()

A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host...

CVSS 4.3 | AI score 6.6 | EPSS 0.01168
Exploits 1 | References 4
RedHat Linux
added 2014/10/13 9:6 p.m. | 2 views

libX11: Multiple integer overflows leading to heap-based buffer-overflows

Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6)...

CVSS 6.8 | AI score 7.2 | EPSS 0.01395
Exploits 0 | References 5