Lucene search

1907 matches found

OSV
added 2015/05/03 12:19 a.m., 8 views

MGASA-2015-0177 Updated subversion packages fix security vulnerabilities

Updated subversion packages fix security vulnerabilities: Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests (CVE-2015-0202). Subversion mod_dav_svn and svnserve are vulnerable to a remotely triggerable assertion D...

CVSS 7.8 | AI score 9.3 | EPSS 0.12841
Exploits: 0 | References: 5

Tenable Nessus
added 2015/04/13 12:0 a.m., 22 views

Fedora 21 : varnish-4.0.3-3.fc21 (2015-4079)

This update fixes a bug triggered by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread. New upstream release. A bugfix release. Highlights from the changelog : - 26 reported bugs fixed. - Replaced objects are now expired immediately, instead of kept...

AI score 5.6
Exploits: 0 | References: 3

Tenable Nessus
added 2015/03/25 12:0 a.m., 18 views

Fedora 22 : varnish-4.0.3-3.fc22 (2015-4063)

Added an update that fixes a bug triggered by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread. New upstream release. A bugfix release. Highlights from the changelog : - 26 reported bugs fixed. - Replaced objects are now expired immediately, instead of...

AI score 5.6
Exploits: 0 | References: 3

Tenable Nessus
added 2015/03/10 12:0 a.m., 29 views

Oracle Linux 7 : pcre (ELSA-2015-0330)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0330 advisory. - Fix CVE-2014-8964 unused memory usage on zero-repeat assertion condition bug 1169797 Tenable has extracted the preceding description block directly from the...

CVSS 5 | AI score 6.9 | EPSS 0.06505
Exploits: 0 | References: 2

Oracle linux
added 2015/03/09 12:0 a.m., 41 views

pcre security and enhancement update

8.32-14
- Fix CVE-2014-8964 unused memory usage on zero-repeat assertion condition (bug 1169797)

8.32-13
- Disable unsupported JIT mode on little-endian 64-bit PowerPC platform (bug 1125642)
- Raise optimization level to 3 on little-endian 64-bit PowerPC (bug 1123498)...

CVSS 5 | AI score 1.2 | EPSS 0.06505
Exploits: 0

RedHat Linux
added 2015/02/03 5:10 p.m., 45 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVSS 7.8 | AI score 6.6 | EPSS 0.08579
Exploits: 3 | References: 4

Tenable Nessus
added 2015/01/14 12:0 a.m., 40 views

RHEL 6 : kernel (RHSA-2015:0043)

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVSS 7.8 | AI score 6.5 | EPSS 0.08579
Exploits: 3 | References: 7

Tenable Nessus
added 2015/01/09 12:0 a.m., 36 views

Amazon Linux AMI : bind (ALAS-2015-465)

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. CVE-2014-8500 C Tenable...

CVSS 7.8 | AI score 6.6 | EPSS 0.65683
Exploits: 0 | References: 2

Amazon
added 2015/01/08 12:0 a.m., 50 views

Important: bind

Issue Overview: A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. CVE-2014-850...

CVSS 7.8 | AI score 7 | EPSS 0.65683
Exploits: 0 | References: 1

Tenable Nessus
added 2014/12/22 12:0 a.m., 22 views

Fedora 20 : pcre-8.33-8.fc20 (2014-16215)

This release fixes CVE-2014-8964 an unused memory usage on zero-repeat assertion condition Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

CVSS 5 | AI score 6.8 | EPSS 0.06505
Exploits: 0 | References: 3

ArchLinux
added 2014/12/15 12:0 a.m., 64 views

python2: multiple issues

- CVE-2013-1752 (denial of service): Multiple unbound readline flaws in python stdlib were found, which can lead to excessive memory usage if a malicious or broken server sends excessively long lines without any line breaks.
- CVE-2013-1753 (denial of service): The XMLRPC library is vulnerable to...

CVSS 5.8 | AI score 0.4 | EPSS 0.03913
Exploits: 2 | References: 8

Tenable Nessus
added 2014/11/26 12:0 a.m., 39 views

OracleVM 2.1 : kernel (OVMSA-2009-0017)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1895 The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or...

CVSS 7.8 | AI score 6.3 | EPSS 0.05471
Exploits: 3 | References: 4

Tenable Nessus
added 2014/11/20 12:0 a.m., 48 views

F5 Networks BIG-IP : Linux kernel vulnerability (SOL15852)

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings. C Tenable...

CVSS 4.9 | AI score 7 | EPSS 0.00545
Exploits: 0 | References: 2

F5 Networks
added 2014/11/19 12:0 a.m., 78 views

SOL15852 - Linux kernel vulnerability CVE-2014-3122

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings. CVE-2014-3122...

CVSS 4.9 | AI score 6 | EPSS 0.00545
Exploits: 0 | References: 4

Tenable Nessus
added 2014/11/18 12:0 a.m., 43 views

Amazon Linux AMI : ruby20 (ALAS-2014-448)

The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied, a small XML...

CVSS 5 | AI score 7 | EPSS 0.05555
Exploits: 2 | References: 2

Amazon
added 2014/11/13 12:0 a.m., 38 views

Medium: ruby21

Issue Overview: The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied,...

CVSS 5 | AI score 7.1 | EPSS 0.05555
Exploits: 2

Amazon
added 2014/11/13 12:0 a.m., 45 views

Medium: ruby19

Issue Overview: The upstream patch for CVE-2014-8080 introduced checks against the REXML.entity_expansion_text_limit, but did not add restrictions to limit the number of expansions performed, i.e. checks against the REXML::Document.entity_expansion_limit. As a consequence, even with the patch applied,...

CVSS 5 | AI score 7.1 | EPSS 0.05555
Exploits: 2

Tenable Nessus
added 2014/10/22 12:0 a.m., 39 views

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

CVSS 7.8 | AI score 7.3 | EPSS 0.05794
Exploits: 6 | References: 12

Tenable Nessus
added 2014/10/20 12:0 a.m., 55 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2014-3083)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3083 advisory. - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817787 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 -...

CVSS 7.8 | AI score 7.2 | EPSS 0.05794
Exploits: 1 | References: 7

Fedora
added 2014/10/10 4:7 p.m., 26 views

[SECURITY] Fedora 20 Update: nginx-1.4.7-3.fc20

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

CVSS 4.3 | AI score 2.2 | EPSS 0.05654
Exploits: 0