1907 matches found

Amazon
added 2015/12/14 12:0 a.m., 49 views

Medium: libxml2

Issue Overview: A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. The...

7.1 CVSS, 8.6 AI score, 0.0721 EPSS
Exploits 2

RedHat Linux
added 2015/12/07 11:59 a.m., 7 views

libxml2: denial of service processing a crafted XML document

A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory...

5 CVSS, 6.8 AI score, 0.0634 EPSS
Exploits 0, References 4

Tenable Nessus
added 2015/09/28 12:0 a.m., 35 views

openSUSE Security Update : mysql-community-server (openSUSE-2015-608)

The MySQL Community Server edition was updated to 5.6.26, fixing security issues and bugs. All changes: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-26.html - Fixed CVEs: CVE-2015-2617, CVE-2015-2648, CVE-2015-2611, CVE-2015-2582 CVE-2015-4752, CVE-2015-4756, CVE-2015-2643, CVE-2015-47...

6.5 CVSS, 7.3 AI score, 0.06964 EPSS
Exploits 0, References 24

ThreatPost
added 2015/09/25 1:53 p.m., 7 views

Mozilla Addresses 14-Year-Old Bug in Firefox 41

Developers at Mozilla pushed out Firefox 41 this week and brought some much needed relief to Adblock Plus users by finally fixing a 14-year old bug in the browser. The update addresses a longstanding issue with how the browser handles memory usage by the add-on. Previously the browser created too...

1.3 AI score
Exploits 0, References 6

CNVD
added 2015/09/16 12:0 a.m., 2 views

IBM WebSphere Portal Denial of Service Vulnerability (CNVD-2015-06033)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects an organization internally and externally, allowing employees, customers and suppliers to access internal data through the platform. A denial of service vulnerability exists in IB...

7.8 CVSS, 5.5 AI score, 0.0274 EPSS
Exploits 0, References 1

The Hacker News
added 2015/09/04 12:58 a.m., 17 views

How to Fix Chrome Massive Memory Usage? Simply Try 'Chrome 45' for Faster Performance

Rejoice Chrome users! Google has made major improvements to its Chrome web browser that would once again make it one of the least memory eater browsers in the market. Although Chrome is used by hundreds of millions of people worldwide due to its simplicity and power, most people aren't happy with...

6.7 AI score
Exploits 0

RedHat Linux
added 2015/08/04 5:13 p.m., 2 views

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

4.3 CVSS, 6.7 AI score, 0.03842 EPSS
Exploits 0, References 5

Tenable Nessus
added 2015/07/23 12:0 a.m., 40 views

RHEL 6 : libxml2 (RHSA-2015:1419)

Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

5 CVSS, 6.8 AI score, 0.0634 EPSS
Exploits 0, References 3

RedHat Linux
added 2015/07/20 2:6 p.m., 39 views

Low: Red Hat Security Advisory: libxml2 security and bug fix update

Updated libxml2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

5 CVSS, 6.7 AI score, 0.0634 EPSS
Exploits 0, References 2

RedHat Linux
added 2015/07/17 8:4 a.m., 3 views

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

4.3 CVSS, 6.7 AI score, 0.03842 EPSS
Exploits 0, References 5

RedHat Linux
added 2015/07/17 8:3 a.m., 1 views

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

4.3 CVSS, 6.7 AI score, 0.03842 EPSS
Exploits 0, References 5

Cisco
added 2015/06/29 5:26 p.m., 31 views

Cisco Headend System Releases Denial of Service Vulnerability

A vulnerability in Cisco Headend System Releases could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the software's inability to recover memory after certain usage situations. An attacker could exploit this vulnerability by...

5 CVSS, 6.9 AI score, 0.03427 EPSS
Exploits 0, References 1

Cisco
added 2015/06/29 4:52 p.m., 32 views

Cisco Headend System Releases Denial of Service Vulnerability

A vulnerability in Cisco Headend System Releases could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the software's inability to recover memory after certain usage situations. An attacker could exploit this vulnerability by...

5 CVSS, 6.5 AI score, 0.03427 EPSS
Exploits 0, References 1

n0where
added 2015/06/02 5:2 p.m., 67 views

Portable Penetration Testing Distribution for Windows: PentestBox

PentestBox is not like other Penetration Testing Distributions which run on virtual machines. It is created because more than 70% of penetration testing distribution users use Windows and provides an efficient platform for Penetration Testing on Windows. It provides all security tools as a...

7.5 AI score
Exploits 0

Cisco
added 2015/05/29 9:35 p.m., 29 views

Multiple Cisco Products TCP Flood Denial of Service Vulnerability

A vulnerability in the TCP module of multiple Cisco products could allow an unauthenticated, remote attacker to disable TCP ports and cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of rate limiting in the TCP listener...

5 CVSS, 6.6 AI score, 0.03427 EPSS
Exploits 0, References 1

Tenable Nessus
added 2015/05/15 12:0 a.m., 34 views

OracleVM 3.3 : kernel-uek (OVMSA-2015-0060)

The remote OracleVM system is missing necessary patches to address critical security updates : - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438...

9.3 CVSS, 6.8 AI score, 0.10108 EPSS
Exploits 0, References 8

RedHat Linux
added 2015/05/14 3:14 p.m., 4 views

apache-poi: entity expansion (billion laughs) flaw

It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption...

4.3 CVSS, 7.3 AI score, 0.07395 EPSS
Exploits 0, References 4

Tenable Nessus
added 2015/05/14 12:0 a.m., 297 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3035)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3035 advisory. - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 - xen/pciback: Don't disable PCICOMMAND on PCI...

9.3 CVSS, 6.9 AI score, 0.10108 EPSS
Exploits 0, References 3

Oracle Linux
added 2015/05/13 12:0 a.m., 60 views

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

9.3 CVSS, 0.6 AI score, 0.10108 EPSS
Exploits 0

Tenable Nessus
added 2015/05/04 12:0 a.m., 10 views

Fedora 21 : mksh-50f-1.fc21 (2015-6550)

"R50f is a required security and bugfix release : - Add a patch marker for vendor patch versioning to mksh.1 - SECURITY: make unset HISTFILE actually work - Document some more issues with the current history code - Remove some unused code - RCSID-only sync with OpenBSD, for bogus and irrelevant...

5.6 AI score
Exploits 0, References 1