Lucene search
K

117 matches found

CVE
CVE
added 2015/09/17 4:0 p.m.44 views

CVE-2015-7232

The CVE-2015-7232 issue affects the OSF for Drupal module (Drupal 7.x) specifically in the 7.x-3.x line prior to 7.x-3.1, when the OSF Ontology module is enabled. The vulnerability is a Cross-Site Scripting (XSS) in unspecified administration pages, allowing remote attackers to inject arbitrary s...

2.6CVSS5.8AI score0.00913EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/09/17 4:0 p.m.26 views

CVE-2015-7233

Cross-site request forgery CSRF vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors...

7.1AI score0.00536EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/09/17 4:0 p.m.26 views

CVE-2015-7234

The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors...

6.8AI score0.02003EPSS
Exploits0References3
CVE
CVE
added 2015/09/17 4:0 p.m.39 views

CVE-2015-7234

The vulnerability CVE-2015-7234 affects the Drupal OSF module (7.x-3.x) prior to 7.x-3.1 when the OSF Ontology and OSF Import modules are enabled. A user-assisted remote attacker can delete arbitrary files via unspecified vectors. The issue is mitigated by upgrading to OSF 7.x-3.1 (as documented ...

4CVSS7AI score0.02003EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/07/30 12:0 a.m.3 views

Drupal OSF for Drupal module cross-site request forgery vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. osf for Drupal is one of the middle-tier modules that allows customization tools and data display for internally structured data RDF and related vocabularies ontologies. A cross-site...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/07/23 1:27 p.m.8 views

Several Critical Flaws Patched in Drupal Module

There are several critical vulnerabilities in a middleware layer used in Drupal, including both cross-site scripting and cross-site request forgery bugs, that can be exploited remotely. The vulnerabilities are in the Open Semantic Framework, which is a third-party project and not part of the Drup...

1.2AI score
Exploits0References2
Drupal
Drupal
added 2015/07/22 12:0 a.m.36 views

OSF for Drupal - Critical - Multiple vulnerabilities - SA-CONTRIB-2015-134

The Open Semantic Framework OSF for Drupal is a middleware layer that allows structured data RDF and associated vocabularies ontologies to "drive" tailored tools and data displays within Drupal. The module is vulnerable to reflected Cross Site Scripting XSS because it did not sufficiently filter...

5.1CVSS5.5AI score0.02003EPSS
Exploits0References9
NVD
NVD
added 2012/06/13 10:24 a.m.27 views

CVE-2011-2208

Integer signedness error in the osfgetdomainname function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...

2.1CVSS5.5AI score0.00474EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.32 views

CentOS Update for kernel CESA-2011:0833 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.2CVSS6.2AI score0.00407EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2011/08/04 12:0 a.m.52 views

Ubuntu 10.10 : linux vulnerabilities (USN-1183-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Neil Horman discovered that NFSv4 did not correctly handle...

6.9CVSS6.3AI score0.0104EPSS
Exploits9References8
OpenVAS
OpenVAS
added 2011/07/18 12:0 a.m.53 views

Ubuntu Update for linux USN-1168-1

Ubuntu Update for Linux kernel vulnerabilities USN-1168-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11681.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1168-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

7.8CVSS0.2AI score0.04364EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2011/07/18 12:0 a.m.62 views

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1170-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 It was discovered that Xen did not correctly handle certain...

7.1CVSS6.5AI score0.02523EPSS
Exploits11References12
Tenable Nessus
Tenable Nessus
added 2011/07/18 12:0 a.m.78 views

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

7.8CVSS6.7AI score0.04364EPSS
Exploits9References17
OpenVAS
OpenVAS
added 2011/07/18 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-1168-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.04364EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2011/07/15 4:30 p.m.82 views

USN-1170-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 It was discovered that Xen did not correctly handle certain...

7.1CVSS6.5AI score0.02523EPSS
Exploits10
Ubuntu
Ubuntu
added 2011/07/15 4:29 p.m.81 views

USN-1168-1: Linux kernel vulnerabilities

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

7.8CVSS6.7AI score0.04364EPSS
Exploits8
seebug.org
seebug.org
added 2011/06/25 12:0 a.m.69 views

Linux Kernel fs/partitions/osf.c信息泄露漏洞

BUGTRAQ ID: 46878 CVE ID: CVE-2011-1163 Linux Kernel是Linux操作系统的内核。 Linux Kernel在fs/partitions/osf.c的实现上存在信息泄露漏洞,本地攻击者可利用此漏洞从堆内存获取敏感信息。 自动验证存储设备的OSF分区表的代码中存在缓冲区溢出错误 Linux kernel 2.6.x OpenVZ Project OpenVZ 028stab091.1 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...

2.1CVSS0.3AI score0.00414EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2011/06/21 11:44 p.m.6 views

kernel: fs/partitions: Corrupted OSF partition table infoleak

The osfpartition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing...

2.1CVSS7.1AI score0.00414EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2011/06/20 12:0 a.m.49 views

Debian DSA-2264-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2524 David Howells reported an issue in the Common...

9.8CVSS7AI score0.03477EPSS
Exploits22References79
securityvulns
securityvulns
added 2011/05/26 12:0 a.m.77 views

[SECURITY] [DSA 2240-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2240-1 [email protected] http://www.debian.org/security/ dann frazier May 24, 2011 http://www.debian.org/security/faq -...

7.8CVSS1.3AI score0.04364EPSS
Exploits21
Rows per page
Query Builder