Lucene search
+L

524 matches found

Tenable Nessus
Tenable Nessus
added 2016/01/28 12:0 a.m.40 views

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2880-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2880-1 advisory. Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gab...

10CVSS8.2AI score0.05992EPSS
Exploits0References13
Ubuntu
Ubuntu
added 2016/01/27 3:31 p.m.170 views

USN-2880-1: Firefox vulnerabilities

Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gabor Krizsanits discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

10CVSS8.2AI score0.05992EPSS
Exploits0
myhack58
myhack58
added 2015/12/10 12:0 a.m.34 views

Microsoft released 1 2 on a major security bug fix patch-bug warning-the black bar safety net

On Tuesday Microsoft announced that as part of its monthly security Bulletin part of all Windows users should update theiroperating system, the prevention from at least two major vulnerabilities. MS15-1 2 8 patched a series of memory crash vulnerability, the latter so that the hacker can install...

1.9AI score
Exploits0
OSV
OSV
added 2015/11/05 5:59 a.m.3 views

DEBIAN-CVE-2015-7183

Integer overflow in the PLARENAALLOCATE implementation in Netscape Portable Runtime NSPR in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute...

7.5CVSS8.5AI score0.06792EPSS
Exploits0References1
OSV
OSV
added 2015/10/20 12:57 a.m.16 views

USN-2777-1 linux-lts-utopic vulnerabilities

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 Benjamin Randazzo...

6.1CVSS7.1AI score0.01164EPSS
Exploits1References6
OSV
OSV
added 2015/09/01 5:33 p.m.7 views

SUSE-SU-2015:1476-1 Security update for MozillaFirefox, mozilla-nss

Mozilla Firefox was updated to version 38.2.1 ESR to fix several critical and non critical security vulnerabilities. - Firefox was updated to 38.2.1 ESR bsc943608 MFSA 2015-94/CVE-2015-4497 bsc943557 Use-after-free when resizing canvas element during restyling MFSA 2015-95/CVE-2015-4498 bsc943558...

10CVSS9.2AI score0.70226EPSS
Exploits8References21
CNVD
CNVD
added 2015/06/23 12:0 a.m.5 views

PHP SOAP Access Remote Memory Corruption Vulnerability

PHP is a general-purpose scripting language. A security vulnerability in the unserialize function used in PHP's multiple SOAP accesses allows remote attackers to exploit the vulnerability by submitting a special request to obtain PHP application memory information or crash...

10CVSS6.6AI score0.10724EPSS
Exploits5References1
Hacker One
Hacker One
added 2014/11/17 6:20 a.m.62 views

Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use-After-Free. After parsing a malformed mp4 file, Flash will not free the NetStream object properly. Such memory block is still accessed even the page containing Flash is closed, which leads to a memory crash...

10CVSS6.3AI score0.09927EPSS
Exploits0
Hacker One
Hacker One
added 2014/10/08 2:3 a.m.56 views

Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use-After-Free. After parsing a malformed mp4 file, Flash will keep on accessing a block of memory for timing. Such memory block is still accessed even the page containing Flash is closed, which leads to a memory crash...

10CVSS8.3AI score0.09321EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.31 views

Fedora 21 : nodejs-qs-0.6.6-3.fc21 (2014-11309)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

5.4AI score
Exploits0References3
Prion
Prion
added 2014/06/17 2:55 p.m.18 views

Code injection

OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service uninitialized memory access and crash via unspecified vectors related to TMAY requests...

5CVSS7.1AI score0.01595EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2014/04/24 5:35 p.m.48 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

8.6CVSS7.5AI score0.01002EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2014/03/05 12:0 a.m.102 views

lighttpd < 1.4.34 Multiple Vulnerabilities

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.34. It is, therefore, affected by the following vulnerabilities : - When Server Name Indication SNI is enabled, a flaw exists that could cause the application to use all available SSL ciphers, including we...

7.6CVSS6.8AI score0.10721EPSS
Exploits1References8
OSV
OSV
added 2013/06/09 9:55 p.m.4 views

UBUNTU-CVE-2013-4074

The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service application crash via a...

5CVSS5.8AI score0.60643EPSS
Exploits7References8
OSV
OSV
added 2013/05/20 2:44 p.m.4 views

UBUNTU-CVE-2013-1004

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in...

9.3CVSS6.2AI score0.02738EPSS
Exploits0References4
OSV
OSV
added 2013/03/14 3:13 a.m.7 views

CVE-2013-1667

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service memory consumption and crash via a crafted hash key...

6.1AI score
Exploits0References22
OSV
OSV
added 2012/10/04 3:28 a.m.4 views

DEBIAN-CVE-2012-3511

Multiple race conditions in the madviseremove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service use-after-free and system crash via vectors involving a 1 munmap or 2 close system call...

6.2CVSS6.2AI score0.00376EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2012/08/24 12:0 a.m.31 views

RedHat Update for libvirt RHSA-2012:1202-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

3.5CVSS7AI score0.02158EPSS
Exploits0References2
OSV
OSV
added 2011/03/03 8:0 p.m.4 views

UBUNTU-CVE-2011-0152

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in...

7.6CVSS6.2AI score0.02707EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2011/01/25 5:6 p.m.3 views

WebKit: multiple vulnerabilities in WebKitGTK

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a floating element in an SVG...

9.3CVSS6.2AI score0.05961EPSS
Exploits0References4
Rows per page
Query Builder