
17 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2017-14228

Malware in sbrugna...

CVSS 4.3 | AI score 7 | EPSS 0.01762
Exploits 0 | References 12
UbuntuCve
added 2021/05/27 8:15 p.m. | 27 views

CVE-2020-14301

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the dumpx...

CVSS 6.5 | AI score 6.9 | EPSS 0.01196
Exploits 0 | References 1
Tenable Nessus
added 2020/10/27 12:0 a.m. | 40 views

Amazon Linux 2 : avahi (ALAS-2020-1502)

The version of avahi installed on the remote host is prior to 0.6.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1502 advisory. avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not...

CVSS 9.1 | AI score 7.2 | EPSS 0.03673
Exploits 1 | References 3
Tenable Nessus
added 2020/05/27 12:0 a.m. | 25 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : chrony Multiple Vulnerabilities (NS-SA-2020-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has chrony packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1...

CVSS 7.5 | AI score 7.8 | EPSS 0.03801
Exploits 0 | References 4
Prion
added 2019/11/26 2:15 p.m. | 14 views

Information disclosure

Cloudera CDH before 5.9 has Potentially Sensitive Information in Diagnostic Support Bundles...

CVSS 5 | AI score 7.1 | EPSS 0.01234
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2016/06/28 12:0 a.m. | 31 views

Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-3017-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3017-3 advisory. USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

CVSS 7.8 | AI score 7.1 | EPSS 0.05676
Exploits 15 | References 9
Tenable Nessus
added 2016/06/28 12:0 a.m. | 57 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3018-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3018-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

CVSS 7.8 | AI score 7 | EPSS 0.05676
Exploits 15 | References 9
Tenable Nessus
added 2016/06/01 12:0 a.m. | 52 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2989-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2989-1 advisory. Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use th...

CVSS 10 | AI score 7.2 | EPSS 0.2593
Exploits 17 | References 11
Cvelist
added 2014/07/11 2:0 p.m. | 39 views

CVE-2014-0174

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

AI score 6 | EPSS 0.01585
Exploits 0 | References 2
Tenable Nessus
added 2014/06/13 12:0 a.m. | 43 views

openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

CVSS 7.8 | AI score 6.2 | EPSS 0.05542
Exploits 50 | References 57
exploitpack
added 2014/02/22 12:0 a.m. | 16 views

eshtery CMS - FileManager.aspx Local File Disclosure

eshtery CMS - FileManager.aspx Local File Disclosure source: https://www.securityfocus.com/bid/65740/info eshtery CMS is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain...

AI score 7.4
Exploits 0
Cvelist
added 2012/07/13 10:0 a.m. | 21 views

CVE-2012-2845

Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file...

AI score 6.4 | EPSS 0.0356
Exploits 0 | References 4
OpenVAS
added 2012/06/28 12:0 a.m. | 84 views

openssh-server Forced Command Handling Information Disclosure Vulnerability

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...

CVSS 6.5 | AI score 5.1 | EPSS 0.03672
Exploits 0 | References 3
NVD
added 2011/12/16 11:55 a.m. | 15 views

CVE-2011-4850

The Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by...

CVSS 4.3 | AI score 6.1 | EPSS 0.01066
Exploits 0 | References 1
Cvelist
added 2011/10/20 12:0 a.m. | 14 views

CVE-2011-2584

Cisco Show and Share 52, 5.21, and 5.22 before 5.22.1 allows remote attackers to access the 1 Encoders and Pull Configurations, 2 Push Configurations, 3 Video Encoding Formats, and 4 Transcoding administration pages, and cause a denial of service live event outage or obtain potentially sensitive...

AI score 6.8 | EPSS 0.02177
Exploits 0 | References 3
Cvelist
added 2006/05/31 10:0 p.m. | 20 views

CVE-2006-2711

Secure Elements Class 5 AVR aka C5 EVM 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to obtain potentially sensitive information about messages...

AI score 6.3 | EPSS 0.01929
Exploits 0 | References 6
Prion
added 2006/05/10 2:22 a.m. | 17 views

Information disclosure

The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings...

CVSS 5 | AI score 6.7 | EPSS 0.02725
Exploits 0 | References 10 | Affected Software 1