Lucene search
+L

581 matches found

Tenable Nessus
Tenable Nessus
added 2019/07/29 12:0 a.m.34 views

Cisco IOS XE Software Information Disclosure Vulnerability (cisco-sa-20190327-info)

According to its self-reported version, Cisco IOS XE Software is affected by an unspecified vulnerability in the Secure Storage feature of Cisco IOS XE that allows an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper...

4.4CVSS5.2AI score0.00232EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/07/29 12:0 a.m.35 views

Cisco IOS Software Information Disclosure Vulnerability (cisco-sa-20190327-info)

According to its self-reported version, Cisco IOS Software is affected by an unspecified vulnerability in the Secure Storage feature of Cisco IOS that allows an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory...

4.4CVSS5.2AI score0.00232EPSS
Exploits0References3
CNVD
CNVD
added 2019/06/13 12:0 a.m.4 views

Linux kernel buffer overflow vulnerability (CNVD-2019-47005)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux Kernel. The vulnerability arises from a networked system or product performing operations in memory without properl...

8.3CVSS7.7AI score0.03278EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/12 12:0 a.m.6 views

Siemens LOGO!8 Buffer Overflow Vulnerability

LOGO!8 is the 8th generation of Siemens intelligent logic controllers, the Nano PLC in the Siemens PLC family, which simplifies programming configurations, has an integrated panel for more displays, and can be easily networked and efficiently interconnected via the integrated Ethernet interface. ...

7.8CVSS7.5AI score0.01599EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/11 12:0 a.m.3 views

Photodex ProShow Producer Buffer Overflow Vulnerability (CNVD-2019-17111)

Photodex ProShow Producer is a suite of video and photo slideshow creation software from Photodex, Inc. in the United States. A buffer overflow vulnerability exists in Photodex ProShow Producer version 9.0.3797. The vulnerability originates when a networked system or product performs an operation...

7.8CVSS7.4AI score0.04452EPSS
Exploits3References1
Prion
Prion
added 2019/06/05 5:29 p.m.25 views

Race condition

A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence Unified CM IM&P Service, Cisco TelePresence Video Communication Server VCS, and Cisco Expressway Series could allow an unauthenticated, remote attacker to cause a service outage for users...

5CVSS8.5AI score0.04639EPSS
Exploits0References2Affected Software2
Cisco
Cisco
added 2019/06/05 4:0 p.m.191 views

Cisco Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability

A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence Unified CM IM&P Service, Cisco TelePresence Video Communication Server VCS, and Cisco Expressway Series could allow an unauthenticated, remote attacker to cause a service outage for users...

8.6CVSS8.7AI score0.04639EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/05/14 8:44 p.m.4 views

hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)

Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results ar...

5.6CVSS6.8AI score0.01497EPSS
Exploits0References6
CNVD
CNVD
added 2019/05/13 12:0 a.m.4 views

Suricata Buffer Overflow Vulnerability

Suricata is a set of network intrusion detection system IDS, intrusion prevention system IPS and network security monitoring engine developed by the Open Information Security Foundation OISF and its supported vendors, which supports multi-threading, built-in IPv6, and the ability to load...

7.5CVSS7.3AI score0.01455EPSS
Exploits0References1
OSV
OSV
added 2019/05/12 9:35 a.m.22 views

MGASA-2019-0168 Updated sysstat packages fix security vulnerabilities

Updated sysstat package fix security vulnerabilities: Out-of-bounds read during a memmove call inside the remapstruct function CVE-2018-19416. Out-of-bounds read during a memset call inside the remapstruct function CVE-2018-19517...

10CVSS6.4AI score0.05692EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.23 views

Ubuntu 18.04 LTS : libpng vulnerability (USN-3962-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3962-1 advisory. It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file,...

5.3CVSS8AI score0.09393EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2019/05/01 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-3962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS8.1AI score0.09393EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2019/04/30 5:57 p.m.98 views

USN-3962-1: libpng vulnerability

It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.3CVSS7.7AI score0.09393EPSS
Exploits3
Cvelist
Cvelist
added 2019/04/23 10:0 p.m.24 views

CVE-2019-11487

The Linux kernel before 5.1-rc5 allows page-refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipefsi.h, kernel/trace/trace.c, mm/gup.c, and...

8.1AI score0.00708EPSS
Exploits1References30
Ubuntu
Ubuntu
added 2019/04/23 11:54 a.m.113 views

USN-3952-1: Pacemaker vulnerabilities

Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. CVE-2018-16877 Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this...

8.8CVSS6.7AI score0.01962EPSS
Exploits0
CNVD
CNVD
added 2019/04/22 12:0 a.m.4 views

OpenPLC Buffer Overflow Vulnerability

OpenPLC is an open source programmable logic controller. A buffer overflow vulnerability exists in OpenPLCv2 version and OpenPLCv3 version. The vulnerability originates when a networked system or product performs an operation on memory without properly validating data boundaries, resulting in an...

9.8CVSS7.3AI score0.01532EPSS
Exploits0References1
Mageia
Mageia
added 2019/04/10 10:7 p.m.37 views

Updated gpac packages fix security vulnerability

It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...

9.8CVSS3.8AI score0.02521EPSS
Exploits5References2
Ubuntu
Ubuntu
added 2019/04/03 11:59 a.m.778 views

USN-3935-1: BusyBox vulnerabilities

Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....

9.8CVSS7AI score0.32919EPSS
Exploits19
Ubuntu
Ubuntu
added 2019/03/29 1:50 p.m.106 views

USN-3926-1: GPAC vulnerabilities

It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...

9.8CVSS7.5AI score0.02521EPSS
Exploits5
NVD
NVD
added 2019/03/28 1:29 a.m.22 views

CVE-2019-1762

A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations performed at encryption time, when affected software...

4.4CVSS4.4AI score0.00232EPSS
Exploits0References2
Rows per page
Query Builder