Lucene search
+L

2144 matches found

RedHat Linux
RedHat Linux
added 2012/02/01 12:4 a.m.5 views

Mozilla: child nodes from nsDOMAttribute still accessible after removal of nodes (MFSA 2012-04)

Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access...

9.3CVSS7.8AI score0.36511EPSS
Exploits9References5
UbuntuCve
UbuntuCve
added 2012/02/01 12:0 a.m.39 views

CVE-2011-3659

Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access...

9.3CVSS7.6AI score0.36511EPSS
Exploits9References6
Tenable Nessus
Tenable Nessus
added 2012/02/01 12:0 a.m.37 views

Firefox 3.6 < 3.6.26 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox 3.6 is earlier than 3.6.26. Such versions are potentially affected by multiple vulnerabilities : - A use-after-free error exists related to removed nsDOMAttribute child nodes.CVE-2011-3659 - The IPv6 literal syntax in web addresses is not being properly enforced...

10CVSS7.3AI score0.36511EPSS
Exploits11References12
Mozilla
Mozilla
added 2012/01/31 12:0 a.m.70 views

Child nodes from nsDOMAttribute still accessible after removal of nodes — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for remot...

9.3CVSS2.9AI score0.36511EPSS
Exploits9References2Affected Software3
OpenVAS
OpenVAS
added 2012/01/23 12:0 a.m.10 views

Fedora Update for torque FEDORA-2012-0372

Check for the Version of torque OpenVAS Vulnerability Test Fedora Update for torque FEDORA-2012-0372 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

7.4AI score
Exploits0References2
Fedora
Fedora
added 2012/01/21 9:49 p.m.11 views

[SECURITY] Fedora 15 Update: torque-3.0.3-1.fc15

TORQUE Tera-scale Open-source Resource and QUEue manager is a resource manager providing control over batch jobs and distributed compute nodes. TORQUE is based on OpenPBS version 2.3.12 and incorporates scalability, fault tolerance, and feature extension patches provided by USC, NCSA, OSC, the U....

0.5AI score
Exploits0
seebug.org
seebug.org
added 2012/01/19 12:0 a.m.31 views

JBoss 'mod_cluster'安全绕过漏洞

Bugtraq ID: 51554 CVE ID:CVE-2011-4608 JBOSS是一个基于J2EE的开放源代码的应用服务器。 modcluster允许worker节点在任意虚拟主机vhost上注册,而无视应用在其他虚拟主机上的安全性限制。在某些环境下,一个vhost配置为内部worker节点,而另一个配置为服务外部内容。远程攻击者可以利用此缺陷通过没有配置应用安全限制的外部虚拟主机注册为攻击者控制的worker节点,然后使用worker节点服务恶意内容,截获验证凭据,劫持用户会话。 0 Red Hat JBoss Enterprise Web Server for RHEL 6...

7.5CVSS6.5AI score0.03197EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2012/01/18 7:21 p.m.44 views

Important: Red Hat Security Advisory: mod_cluster-native security update

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Web Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2012/01/18 7:21 p.m.4 views

mod_cluster: malicious worker nodes can register on any vhost

modcluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from ...

7.5CVSS6AI score0.03197EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/18 7:20 p.m.38 views

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the Native components for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/01/18 7:18 p.m.30 views

Important: Red Hat Security Advisory: mod_cluster-native security update

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.32 views

Important: Red Hat Security Advisory: mod_cluster-native security update

An update for the modcluster native component for JBoss Enterprise Web Server 1.0.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2012/01/18 7:16 p.m.33 views

Important: Red Hat Security Advisory: mod_cluster-native security update

Updated modcluster packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...

7.5CVSS5.8AI score0.03197EPSS
Exploits1References2
Fedora
Fedora
added 2011/12/10 7:34 p.m.49 views

[SECURITY] Fedora 15 Update: python-celery-2.2.8-1.fc15

An open source asynchronous task queue/job queue based on distributed message passing. It is focused on real-time operation, but supports scheduling as well. The execution units, called tasks, are executed concurrently on one or more worker nodes using multiprocessing, Eventlet or gevent. Tasks c...

6.9CVSS0.8AI score0.00346EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/22 12:0 a.m.26 views

Fedora 16 : puppet-2.6.12-1.fc16 (2011-14880)

A bug in puppet's SSL certificate handling could allow nodes with a valid certificate to impersonate the puppet master. To be vulnerable, a user would have had to set the certdnsnames variable and generated certificates. This setting is not set by default in the Fedora/EPEL packages. This update...

2.6CVSS5.6AI score0.02454EPSS
Exploits0References2
Nmap
Nmap
added 2011/11/09 6:56 p.m.296 views

bitcoin-getaddr NSE Script

Queries a Bitcoin server for a list of known Bitcoin nodes Script Arguments max-newtargets, newtargets See the documentation for the target library. Example Usage nmap -p 8333 --script bitcoin-getaddr Script Output PORT STATE SERVICE 8333/tcp open unknown | bitcoin-getaddr: | ip timestamp |...

10CVSS9.4AI score0.99448EPSS
Exploits33
ThreatPost
ThreatPost
added 2011/10/24 5:53 p.m.10 views

Researchers To Demonstrate Tor Network Hijack Method

Researchers at the Hackers To Hackers Conference in Brazil will detail a method of hijacking the TOR anonymity network, potentially putting its users at risk, while The Tor Project accuses one of the researchers of irresponsible disclosure. The presentation combines work done by Eric Filiol of th...

0.2AI score
Exploits0References9
Prion
Prion
added 2011/10/04 8:55 p.m.15 views

Code injection

Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

6.8CVSS7.9AI score0.009EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2011/10/04 8:55 p.m.26 views

CVE-2011-2879

Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

6.8CVSS5.9AI score0.009EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2011/10/04 8:0 p.m.35 views

CVE-2011-2879

Removed by vendor...

6.8CVSS6.7AI score0.009EPSS
Exploits0
Rows per page
Query Builder