1907 matches found

Tenable Nessus
added 2011/05/31 12:0 a.m. · 22 views

Fedora 14 : viewvc-1.1.11-1.fc14 (2011-7222)

security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...

5 CVSS · 5.5 AI score · 0.02644 EPSS
Exploits 0 · References 3

seebug.org
added 2011/01/19 12:0 a.m. · 55 views

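Linux Kernel "execve()" memory expansion "OOM-killer" local denial-of-service vulnerability

BUGTRAQ ID: 45004 CVE ID: CVE-2010-4243 Linux Kernel is the kernel used by the open-source operating system Linux. The "OOM-killer" feature of the Linux Kernel has a security vulnerability in its implementation; a local attacker can exploit it to terminate unrelated processes, causing a denial of service. The vulnerability arises because the oomkill function cannot see allocated memory that is not attached to any thread. Linux kernel 2.6.24.3 - 2.6.37 RedHat Enterprise Linux Desktop v.5 client Vendor patch: Linux ----- The vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's home page...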

4.9 CVSS · 6.5 AI score · 0.0091 EPSS
Exploits 3

securityvulns
added 2010/05/11 12:0 a.m. · 49 views

Month of PHP Security - Summary - 1st May - 10th May

Hi everyone, 10 days ago the Month of PHP Security 2010 has started at http://www.php-security.org/ and meanwhile 20 vulnerabilities were posted and also 4 user submitted articles were published. Here is a short summary of what was released so far. You can follow the Month of PHP Security on...

8.6 AI score
Exploits 0

securityvulns
added 2010/05/11 12:0 a.m. · 32 views

MOPS-2010-013: PHP sqlite_array_query() Uninitialized Memory Usage Vulnerability

MOPS-2010-013: PHP sqlite_array_query() Uninitialized Memory Usage Vulnerability May 7th, 2010 PHP’s sqlite_array_query() function will use uninitialized memory if it is used with an empty SQL query. This can lead to arbitrary code execution. Affected versions Affected is PHP 5.2 <= 5.2.13 Affected is PHP...

2 AI score
Exploits 0

securityvulns
added 2010/05/11 12:0 a.m. · 43 views

MOPS-2010-012: PHP sqlite_single_query() Uninitialized Memory Usage Vulnerability

MOPS-2010-012: PHP sqlite_single_query() Uninitialized Memory Usage Vulnerability May 7th, 2010 PHP’s sqlite_single_query() function will use uninitialized memory if it is used with an empty SQL query. This can lead to arbitrary code execution. Affected versions Affected is PHP 5.2 <= 5.2.13 Affected is P...

2 AI score
Exploits 0

Positive Technologies
added 2010/03/24 12:0 a.m. · 5 views

PT-2010-2814 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to 7 Description: The issue allows remote attackers to cause a denial of service, consuming memory and CPU, via a crafted biClrUsed value in the BITMAPINFO header of a .ANI file. This is related to the ANI...

7.1 CVSS · 6.7 AI score · 0.1505 EPSS
Exploits 1 · References 5

RedHat Linux
added 2009/12/11 1:42 p.m. · 4 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not...

5 CVSS · 5.9 AI score · 0.04813 EPSS
Exploits 1 · References 4

RedHat Linux
added 2009/12/08 7:9 p.m. · 4 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

5 CVSS · 5.9 AI score · 0.04813 EPSS
Exploits 1 · References 4

OpenVAS
added 2009/12/01 12:0 a.m. · 32 views

Cacti 'Linux - Get Memory Usage' RCE Vulnerability

Cacti is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

9 CVSS · 8.6 AI score · 0.11477 EPSS
Exploits 2 · References 2

NVD
added 2009/11/30 9:30 p.m. · 27 views

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

9 CVSS · 8.7 AI score · 0.11477 EPSS
Exploits 2 · References 10

Prion
added 2009/11/30 9:30 p.m. · 18 views

Input validation

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

9 CVSS · 7 AI score · 0.11477 EPSS
Exploits 2 · References 10 · Affected Software 1

UbuntuCve
added 2009/11/30 9:30 p.m. · 40 views

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

9 CVSS · 6.6 AI score · 0.11477 EPSS
Exploits 2 · References 1

OSV
added 2009/11/30 9:30 p.m. · 2 views

DEBIAN-CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

9 CVSS · 7.4 AI score · 0.11477 EPSS
Exploits 2 · References 1

Cvelist
added 2009/11/30 9:0 p.m. · 36 views

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

8.7 AI score · 0.11477 EPSS
Exploits 2 · References 10

Debian CVE
added 2009/11/30 9:0 p.m. · 27 views

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

9 CVSS · 6 AI score · 0.11477 EPSS
Exploits 2

Tenable Nessus
added 2009/10/28 12:0 a.m. · 48 views

Mandriva Linux Security Advisory : kernel (MDVSA-2009:289)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easi...

7.2 CVSS · 6.7 AI score · 0.01223 EPSS
Exploits 6 · References 10

Fedora
added 2009/08/12 8:53 p.m. · 25 views

[SECURITY] Fedora 11 Update: ocaml-camlimages-3.0.1-7.fc11.2

CamlImages is an image processing library for Objective CAML, which provides: basic functions for image processing and loading/saving, various image file formats hence providing a translation facility from format to format, and an interface with the Caml graphics library allows to display images...

7.5 CVSS · 0.7 AI score · 0.02612 EPSS
Exploits 0

Prion
added 2009/07/16 3:30 p.m. · 22 views

Null pointer dereference

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL...

7.2 CVSS · 6.5 AI score · 0.00439 EPSS
Exploits 1 · References 35 · Affected Software 3

NVD
added 2009/07/16 3:30 p.m. · 19 views

CVE-2009-1895

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL...

7.2 CVSS · 4.9 AI score · 0.00439 EPSS
Exploits 1 · References 35

CVE
added 2009/07/16 3:0 p.m. · 131 views

CVE-2009-1895

The vulnerability CVE-2009-1895 affects the Linux kernel’s personality subsystem prior to 2.6.31-rc3, where PER_CLEAR_ON_SETID fails to clear ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO when executing a setuid/setgid program. This enables local users to exploit memory‑layout details to perform NULL poi...

7.2 CVSS · 5.5 AI score · 0.00439 EPSS
Exploits 1 · References 35 · Affected Software 1