Lucene search
K

800 matches found

OSV
OSV
added 2016/04/25 7:57 a.m.13 views

MGASA-2016-0149 Updated java-1.8.0-openjdk packages fix security vulnerabilities

Updated java-1.8.0-openjdk packages fix security vulnerabilities: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions CVE-2016-0686, CVE-2016-0687. It wa...

10CVSS7.3AI score0.92334EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2015/12/09 11:0 a.m.10 views

CVE-2015-6175

The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."...

7.4AI score0.05169EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.6 views

PT-2015-2833 · Adobe +3 · Air Sdk & Compiler +7

Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime versions affected versions not specified Adobe Flash Player versions affected versions not specified Adobe AIR versions affected versions not specified Adobe AIR SDK versions affected versions not specified Adobe AIR...

10CVSS9.3AI score0.43408EPSS
Exploits21References440
OSV
OSV
added 2015/08/27 12:0 p.m.4 views

USN-2724-1 qemu, qemu-kvm vulnerabilities

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...

9.3CVSS7.2AI score0.13288EPSS
Exploits1References6
0day.today
0day.today
added 2015/08/17 12:0 a.m.51 views

Microsoft Internet Explorer CStyleAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

9.3CVSS6.6AI score0.15631EPSS
Exploits1
OSV
OSV
added 2015/07/22 1:59 a.m.7 views

CVE-2015-4651

The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service applicatio...

6.3AI score
Exploits0References9
CNVD
CNVD
added 2015/04/21 12:0 a.m.2 views

Google Chrome memory corruption vulnerability (CNVD-2015-02654)

Google Chrome is a web browser developed by the American company Google Google. Google Chrome versions prior to 42.0.2311.90, the function NaClSandbox::InitializeLayerTwoSandbox within components/nacl/loader/sandboxlinux/naclsandboxlinux.cc Failure to apply RLIMITAS and RLIMITDATA restrictions to...

7.5CVSS6.9AI score0.01916EPSS
Exploits1References1
OSV
OSV
added 2015/04/01 2:41 p.m.3 views

USN-2550-1 firefox vulnerabilities

Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. CVE-2015-0801 Bobby Holley discovered that...

7.5CVSS7.5AI score0.67465EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2014/12/09 12:0 a.m.125 views

MS14-082: Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)

The remote Windows host is running a version of Microsoft Office that is affected by a remote code execution vulnerability due to a use-after-free memory issue caused by Microsoft Word not properly handling objects in memory. A remote attacker can exploit this vulnerability by convincing a user t...

9.3CVSS6.6AI score0.14662EPSS
Exploits0References2
OSV
OSV
added 2014/11/10 1:43 p.m.4 views

USN-2399-1 curl vulnerability

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPTCOPYPOSTFIELDS and curleasyduphandle. This may result in sensitive data being incorrectly sent to the remote server...

4.3CVSS7AI score0.05121EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/03/19 12:0 a.m.38 views

Thunderbird < 24.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is a version prior to version 24.4. It is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates ar...

10CVSS8.6AI score0.83633EPSS
Exploits19References32
Tenable Nessus
Tenable Nessus
added 2014/03/19 12:0 a.m.47 views

Firefox ESR 24.x < 24.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is prior to 24.4 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - A flaw exists in the checkHandshake function due to improper...

10CVSS7.5AI score0.83633EPSS
Exploits19References30
Tenable Nessus
Tenable Nessus
added 2014/03/19 12:0 a.m.36 views

Firefox ESR 24.x < 24.4 Multiple Vulnerabilities

The installed version of Firefox ESR 24.x is a version prior to 24.4. It is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - A flaw exists in the checkHandshake function due to...

10CVSS7.4AI score0.83633EPSS
Exploits19References30
Tenable Nessus
Tenable Nessus
added 2013/12/11 12:0 a.m.36 views

Thunderbird < 24.2 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.2 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two use-after-free...

10CVSS8.3AI score0.11076EPSS
Exploits11References19
Tenable Nessus
Tenable Nessus
added 2013/07/11 12:0 a.m.48 views

Debian DSA-2719-1 : poppler - several vulnerabilities

Multiple vulnerabilities were discovered in the poppler PDF rendering library. - CVE-2013-1788 Multiple invalid memory access issues, which could potentially lead to arbitrary code execution if the user were tricked into opening a malformed PDF document. - CVE-2013-1790 An uninitialized memory...

6.8CVSS8AI score0.03866EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2013/07/09 12:0 a.m.21 views

Debian: Security Advisory (DSA-2719-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.7AI score0.03866EPSS
Exploits2References3
0day.today
0day.today
added 2013/01/29 12:0 a.m.22 views

Apple Quick Time Player (Windows) Version 7.7.3 Out of Bound Read

Exploit for windows platform in category dos / poc Title: Apple Quick Time Player WindowsVersion 7.7.3 Out of Bound Read Date: 28th January,2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Vendor Homepage: http://www.apple.com/ Software Link:...

7AI score
Exploits0
exploitpack
exploitpack
added 2013/01/29 12:0 a.m.14 views

Apple Quick Time Player (Windows) 7.7.3 - Out of Bound Read

Apple Quick Time Player Windows 7.7.3 - Out of Bound Read Title: Apple Quick Time Player WindowsVersion 7.7.3 Out of Bound Read Date: 28th January,2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Vendor Homepage: http://www.apple.com/ Software Link:...

Exploits0
CVE
CVE
added 2011/11/17 7:0 p.m.159 views

CVE-2011-4096

CVE-2011-4096 affects Squid proxies (notably Squid 3.1.x up to before 3.1.16). The root cause is a mis-free of memory in idnsGrokReply, enabling a remote attacker to trigger a denial of service (daemon abort) via a DNS reply containing a CNAME that references another CNAME containing an empty A r...

5CVSS8.1AI score0.37186EPSS
Exploits0References11Affected Software1
OpenVAS
OpenVAS
added 2011/03/07 12:0 a.m.25 views

Debian Security Advisory DSA 2148-1 (tor)

The remote host is missing an update to tor announced via advisory DSA 2148-1. OpenVAS Vulnerability Test $Id: deb21481.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2148-1 tor Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.8CVSS0.2AI score0.04444EPSS
Exploits0
Rows per page
Query Builder