Lucene search
K

1935 matches found

RedHat Linux
RedHat Linux
added 2015/04/16 1:52 p.m.6 views

openstack-swift: Swift metadata constraints are not correctly enforced

A flaw was found in the metadata constraints in OpenStack Object Storage swift. By adding metadata in several separate calls, a malicious user could bypass the maxmetacount constraint, and store more metadata than allowed by the configuration...

4CVSS5.7AI score0.03023EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2015/04/15 1:59 p.m.14 views

Dropbox Launches Bounty Program on HackerOne

Dropbox has become the latest high-profile Internet firm to start a bug bounty program, hooking up with HackerOne to provide rewards to security researchers who report vulnerabilities through the program. The new reward system from Dropbox covers a variety of the company’s offerings, including th...

0.4AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/17 2:39 p.m.6 views

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

7.2CVSS6.6AI score0.01176EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2015/03/11 3:27 p.m.5 views

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

7.2CVSS6.6AI score0.01176EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2015/03/11 3:27 p.m.76 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.8CVSS6.5AI score0.05489EPSS
Exploits4References5
Kitploit
Kitploit
added 2015/03/10 2:53 a.m.21 views

Zer0 - Secured file deletion made easy

Zer0 is a user friendly file deletion tool with a high level of security. With Zer0, you'll be able to delete files and to prevent file recovery by a 3rd person. So far, no user reported an efficient method to recover a file deleted by Zer0. Features User friendly HMI : Drag'n'drop, 1 click and t...

7.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2015/02/28 2:59 a.m.32 views

CVE-2015-0886

Integer overflow in the cryptraw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...

5CVSS7.3AI score0.04803EPSS
Exploits0References5
OSV
OSV
added 2015/02/28 2:59 a.m.3 views

UBUNTU-CVE-2015-0886

Integer overflow in the cryptraw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...

5CVSS7.4AI score0.04803EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2015/02/28 2:0 a.m.46 views

CVE-2015-0886

Integer overflow in the cryptraw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...

5CVSS9.3AI score0.04803EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/02/16 12:0 a.m.21 views

Fedora 21 : pigz-2.3.3-1.fc21 (2015-1488)

Update to 2.3.3, fixes CVE-2015-1191 : - Return zero exit code when only warnings are issued - Increase speed of unlzw Unix compress decompression - Update zopfli to current google state - Allow larger maximum blocksize -b, now 512 MiB - Do not require that -d precede -N, -n, -T options - Strip a...

5CVSS5.6AI score0.03029EPSS
Exploits1References3
Prion
Prion
added 2015/02/06 3:59 p.m.7 views

Memory corruption

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call...

7.2CVSS7AI score0.00958EPSS
Exploits4References4Affected Software1
CVE
CVE
added 2015/02/06 3:0 p.m.51 views

CVE-2014-9641

The CVE-2014-9641 vulnerability affects Trend Micro tmeext.sys prior to version 2.0.0.1015, used by Trend Micro Antivirus Plus, Internet Security and Maximum Security. It allows a local attacker to write to arbitrary memory locations via a crafted 0x00222400 IOCTL, enabling privilege escalation. ...

7.2CVSS6.6AI score0.00958EPSS
Exploits4References4Affected Software1
RedHat Linux
RedHat Linux
added 2015/01/28 7:2 p.m.3 views

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

7.2CVSS6.6AI score0.01176EPSS
Exploits2References4
exploitpack
exploitpack
added 2015/01/05 3:1 p.m.17 views

Static-HTTP-Server-1.0-SEH

Notes: Multiple HTTP commands and headers are vulnerable to overflows and trigger an exception, but I was unable to control the SEH handler with anyting but configuration options in the http.ini. import os def fileCreate: print "\n Your current file directory is %s. " % os.getcwd try: File =...

0.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2014/10/13 9:11 p.m.5 views

glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters

An out-of-bounds write flaw was found in the way the glibc's readdirr function handled file system entries longer than the NAMEMAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdirr, would cause th...

6.8CVSS7.7AI score0.03832EPSS
Exploits0References4
Kitploit
Kitploit
added 2014/08/26 12:49 a.m.24 views

WiFi software Acrylic WiFi Free v2.0 - Real-time WLAN information and network analysis

New Acrylic WiFi software update. WiFi software for network analysis has gone through many changes since the first free version and finally reaches version v2.0 with more power than ever and long awaited features for network and channel analysis under Windows and with any wireless card. Acrylic...

7.1AI score
Exploits0
Node JS Blog
Node JS Blog
added 2014/07/31 12:0 a.m.43 views

V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30)

V8 Memory Corruption and Stack Overflow fixed in Node v0.8.28 and v0.10.30 A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may...

9.8CVSS7.8AI score0.05356EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2014/07/23 4:15 p.m.7 views

qemu: virtio-net: out-of-bounds buffer write on invalid state load

The virtionetload function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of currqueues is greater than maxqueues, which triggers an out-of-bounds write...

7.5CVSS7.2AI score0.0495EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2014/07/02 12:0 a.m.27 views

dbus -- multiple vulnerabilities

Simon McVittie reports: Alban Crequy at Collabora Ltd. discovered a bug in dbus-daemon's support for file descriptor passing. A malicious process could force system services or user applications to be disconnected from the D-Bus system bus by sending them a message containing a file descriptor,...

2.1CVSS5.8AI score0.00446EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

HP-UX 11,Linux kernel 2.4,Windows 2000/NT 4.0,IRIX 6.5 Small TCP MSS DoS

No description provided by source. source: http://www.securityfocus.com/bid/2997/info A potential denial of service vulnerability exists in several TCP stack implementations. TCP has a MSS maximum segment size option that is used by a TCP client to announce to a peer the maximum amount of TCP dat...

7.1AI score
Exploits0
Rows per page
Query Builder