Lucene search
K

102 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.37 views

SUSE SLED15 / SLES15 Security Update : spice-vdagent (SUSE-SU-2020:3268-1)

This update for spice-vdagent fixes the following issues : Security issues fixed : CVE-2020-25650: Fixed a memory DoS via arbitrary entries in activexfers hash table bsc1177780. CVE-2020-25651: Fixed a possible file transfer DoS and information leak via activexfers hash map bsc1177781...

6.4CVSS6.1AI score0.0049EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2020/11/17 12:0 a.m.44 views

openSUSE Security Update : spice-vdagent (openSUSE-2020-1898)

This update for spice-vdagent fixes the following issues : Security issues fixed : - CVE-2020-25650: Fixed a memory DoS via arbitrary entries in activexfers hash table bsc1177780. - CVE-2020-25651: Fixed a possible file transfer DoS and information leak via activexfers hash map bsc1177781. -...

6.4CVSS6AI score0.0049EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2018/07/16 12:0 a.m.242 views

Debian DLA-1421-1 : ruby2.1 security update

Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2015-9096 SMTP command injection in Net::SMTP via CRLF sequences in a RCPT TO or MAIL FROM command. CVE-2016-2339 Exploitable heap...

9.8CVSS7.9AI score0.73927EPSS
Exploits18References27
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.47 views

Debian DLA-1359-1 : ruby1.8 security update

Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2017-17742 Aaron Patterson reported that WEBrick bundled with Ruby was vulnerable to an HTTP response splitting vulnerability. It wa...

9.1CVSS6.9AI score0.10552EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.80 views

Debian DLA-1358-1 : ruby1.9.1 security update

Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2017-17742 Aaron Patterson reported that WEBrick bundled with Ruby was vulnerable to an HTTP response splitting vulnerability. It wa...

9.8CVSS6.9AI score0.10552EPSS
Exploits0References12
Debian
Debian
added 2018/04/23 9:51 a.m.42 views

[SECURITY] [DLA 1359-1] ruby1.8 security update

Package : ruby1.8 Version : 1.8.7.358-7.1+deb7u6 CVE ID : CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following...

9.1CVSS7AI score0.10552EPSS
Exploits0
Debian
Debian
added 2018/04/23 9:51 a.m.58 views

[SECURITY] [DLA 1358-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.3.194-8.1+deb7u8 CVE ID : CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 Multiple vulnerabilities were found in the interpreter for the Ruby language. The...

9.8CVSS7AI score0.10552EPSS
Exploits0
OSV
OSV
added 2017/11/12 12:0 a.m.2 views

UBUNTU-CVE-2017-13798

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote...

8.8CVSS7.7AI score0.06252EPSS
Exploits5References4
OSV
OSV
added 2017/10/23 1:29 a.m.3 views

DEBIAN-CVE-2017-7120

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

8.8CVSS9AI score0.01601EPSS
Exploits1References1
OSV
OSV
added 2016/12/23 10:59 p.m.1 views

DEBIAN-CVE-2016-9911

Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehciinittransfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...

6.5CVSS8.9AI score0.00367EPSS
Exploits0References1
OSV
OSV
added 2016/12/09 11:59 a.m.5 views

UBUNTU-CVE-2016-8858

The kexinputkexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service memory consumption by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...

7.5CVSS7.2AI score0.29462EPSS
Exploits0References3
OSV
OSV
added 2016/09/19 6:59 p.m.7 views

USN-3084-2 linux-lts-xenial vulnerabilities

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A...

6.5CVSS6.5AI score0.00345EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/07/11 12:0 a.m.45 views

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)

This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed : - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...

10CVSS7.2AI score0.30946EPSS
Exploits9References36
FreeBSD
FreeBSD
added 2016/03/08 12:0 a.m.48 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: MFSA 2016-16 Miscellaneous memory safety hazards rv:45.0 / rv:38.7 MFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports MFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages MFSA 2016-19 Linux video...

10CVSS1.5AI score0.30946EPSS
Exploits8References18
RedHat Linux
RedHat Linux
added 2014/02/13 6:34 p.m.3 views

Java: Java XML Signature DoS Attack

It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions DTDs to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial ...

4.3CVSS5.8AI score0.08863EPSS
Exploits0References4
OSV
OSV
added 2013/03/15 8:55 p.m.2 views

UBUNTU-CVE-2013-0961

WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, a different vulnerability than CVE-2013-0960...

6.8CVSS6.2AI score0.01901EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.52 views

Scientific Linux Security Update : openssl on SL5.x i386/x86_64

CVE-2009-0590 openssl: ASN1 printing crash CVE-2009-1377 OpenSSL: DTLS epoch record buffer memory DoS CVE-2009-1378 OpenSSL: DTLS fragment handling memory DoS CVE-2009-1379 OpenSSL: DTLS pointer use-after-free flaw DoS CVE-2009-1386 openssl: DTLS NULL deref crash on early ChangeCipherSpec request...

5CVSS7.1AI score0.80134EPSS
Exploits20References11
OSV
OSV
added 2012/03/19 9:55 p.m.1 views

DEBIAN-CVE-2012-1181

fcgidspawnctl.c in the modfcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service memory consumption via a series of HTTP requests that triggers a process...

5CVSS6.3AI score0.04864EPSS
Exploits0References1
Cvelist
Cvelist
added 2011/10/12 1:0 a.m.26 views

CVE-2011-2008

Microsoft Host Integration Server HIS 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service SNA Server service outage via crafted TCP or UDP traffic, aka "Access of Unallocated Memory DoS Vulnerability."...

6.5AI score0.21345EPSS
Exploits0References2
OSV
OSV
added 2011/07/11 8:55 p.m.3 views

DEBIAN-CVE-2011-1951

lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service memory consumption via a message that does not match a regular expression...

4.3CVSS6.9AI score0.02462EPSS
Exploits0References1
Rows per page
Query Builder