Lucene search
K

57 matches found

Exploit DB
Exploit DB
added 2019/10/29 12:0 a.m.257 views

Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass (MS15-014)

Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...

3.3CVSS6.7AI score0.08074EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2019/10/25 6:31 a.m.41 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS6.1AI score0.10649EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/02/18 4:58 p.m.45 views

nghttp2: Null pointer dereference when too large ALTSVC frame is received

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS7.1AI score0.10649EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/06/08 12:0 a.m.12 views

Microsoft Windows: Microsoft network client: Send unencrypted password to third-party SMB servers

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncunencryptedpasswordsmb.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Send unencrypted password to third-party SMB servers Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2018/06/08 12:0 a.m.54 views

Microsoft Windows: Microsoft network client: Digitally sign communications (always)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncdigitallysigncommunicationsalways.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Digitally sign communications always Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2018/06/08 12:0 a.m.22 views

Microsoft Windows: Microsoft network client: Digitally sign communications (if server agrees)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncdigitallysigncommunicationsserveragrees.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Digitally sign communications if server agrees Authors: Emanuel Moss Copyright: Copyright c 201...

7.3AI score
Exploits0
Amazon
Amazon
added 2018/05/24 12:0 a.m.42 views

Medium: nghttp2

Issue Overview: nghttp2 version = 1.10.0 and nghttp2 = 1.31.1. CVE-2018-1000168 Affected Packages: nghttp2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum updat...

7.5CVSS8.1AI score0.10649EPSS
Exploits0
OSV
OSV
added 2018/05/08 3:29 p.m.27 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS7.8AI score
Exploits0References6
Prion
Prion
added 2018/05/08 3:29 p.m.25 views

Input validation

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

5CVSS7.3AI score0.10649EPSS
Exploits0References6Affected Software3
AlpineLinux
AlpineLinux
added 2018/05/08 3:0 p.m.51 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS7.7AI score0.10649EPSS
Exploits0
Cvelist
Cvelist
added 2018/05/08 3:0 p.m.29 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5AI score0.10649EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2018/05/08 3:0 p.m.33 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS7.2AI score0.10649EPSS
Exploits0
Prion
Prion
added 2018/04/12 3:29 p.m.12 views

Code injection

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

4.3CVSS7AI score0.01259EPSS
Exploits0References3
NVD
NVD
added 2018/04/12 3:29 p.m.22 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.9CVSS5.6AI score0.01259EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/04/12 3:29 p.m.18 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.9CVSS6.3AI score0.01259EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/04/12 3:0 p.m.21 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.6AI score0.01259EPSS
Exploits0References3
CVE
CVE
added 2018/04/12 3:0 p.m.51 views

CVE-2015-1777

CVE-2015-1777 affects rhnreg_ks in Red Hat Network Client Tools (rhn-client-tools) on Red Hat Gluster Storage 2.1 and RHEL 5, 6, 7. The component fails to properly validate hostnames in X.509 certificates from SSL servers, enabling a remote MITM that can prevent system registration. Root cause: h...

5.9CVSS5.6AI score0.01259EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2018/04/12 3:0 p.m.23 views

CVE-2018-1000168

nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...

7.5CVSS6.9AI score0.10649EPSS
Exploits0References2
hackapp
hackapp
added 2016/07/21 6:52 p.m.8 views

AT&T Global Network Client - Certificates or keys found, Customized SSL, Dynamic Code Loading vulnerabilities

HackApp vulnerability scanner discovered that application AT&T Global Network Client published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

The vulnerability of Cisco VPN Client software allows a malicious individual to increase their privileges.

The vulnerability in dne2000.sys of Citrix Deterministic Network Enhancer for Cisco VPN Client, Blue Coat WinProxy, SafeNet SoftRemote, and HighAssurance Remote allows local users to elevate their privileges by using a specially crafted request called DNEIOCTL DeviceIoControl to the \.\DNE device...

7.2CVSS5.4AI score0.01129EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder