Lucene search
K

5103 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/30 12:0 a.m.30 views

Fedora 25 : webkitgtk4 (2017-98bc28ae9e)

This update addresses the following vulnerabilities : - CVE-2017-2496, CVE-2017-2539, CVE-2017-2510 Additional fixes : - Fix URL shown in the title of beforeunload dialogs. - Focus first input field of HTTP authentication dialog. - Fix rendering glitches in HiDPI in long GitHub Gist pages when...

8.8CVSS7.5AI score0.03918EPSS
Exploits3References4
Atlassian
Atlassian
added 2017/04/05 4:34 p.m.48 views

Users with the same name as an inactive user in a higher priority directory get all that users memberships

h3. Summary In embedded Crowd in at least JIRA and Confluence, when a user is made inactive but retains its groups, then if a lower priority directory has a new user created with the same name, it now inherits their memberships. It seems like the logic used to determine the user authentication by...

0.6AI score
Exploits0Affected Software1
Openbugbounty
Openbugbounty
added 2017/04/01 8:57 a.m.13 views

warbird.no XSS vulnerability

Vulnerable URL: http://www.warbird.no/section.php?Category=RWONTV=Priority=videolistalert/OPENBUGBOUNTY/...

6.9AI score
Exploits0
UbuntuCve
UbuntuCve
added 2017/01/31 12:0 a.m.41 views

CVE-2016-6329

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack...

5.9CVSS6.6AI score0.0594EPSS
Exploits0References4
NVD
NVD
added 2017/01/10 3:59 p.m.28 views

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

7.5CVSS7.4AI score0.01792EPSS
Exploits0References2
Prion
Prion
added 2017/01/10 3:59 p.m.17 views

Design/Logic Flaw

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

5CVSS6.7AI score0.01792EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/10 3:59 p.m.25 views

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

7.5CVSS7.4AI score0.01792EPSS
Exploits0References2
CVE
CVE
added 2017/01/10 3:0 p.m.56 views

CVE-2016-6580

CVE-2016-6580 affects HTTP/2 implementations built with the Python priority library older than 1.2.0. The vulnerability arises when a peer can assign priority information for every HTTP/2 stream ID, allowing the priority data structure to grow without bound, consuming memory and driving extremely...

7.5CVSS7.3AI score0.01792EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/01/10 3:0 p.m.22 views

CVE-2016-6580

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

7.4AI score0.01792EPSS
Exploits0References2
OSV
OSV
added 2016/12/29 10:59 p.m.3 views

DEBIAN-CVE-2016-1922

QEMU aka Quick Emulator built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'currentcpu' remains null, which leads to the null pointer dereference. A user or...

5.5CVSS7.3AI score0.00433EPSS
Exploits0References1
Adobe
Adobe
added 2016/12/13 12:0 a.m.33 views

APSB16-46 Security update available for RoboHelp

Adobe categorizes this hotfix with the following priority rating and recommends users update their installations to the newest versions:...

6.1CVSS3.3AI score0.032EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2016/12/12 12:0 a.m.11 views

Error: "Error while changing IO Priority to High for Process" for Processes Related to Antivirus Software

The Windows Event Log on a machine running Workspace Environment Management may contain many events from the WEM Agent Service. These events all relate to processes for Antivirus software installed on the device...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2016/09/21 12:0 a.m.33 views

CVE-2016-3991

Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image with zero tiles...

7.8CVSS7.5AI score0.03853EPSS
Exploits0References4
Citrix
Citrix
added 2016/08/30 12:0 a.m.10 views

How content-length of a HTTP response is handled when rewrite is in use on NetScaler

When using rewrite policy with priority 120 on NetScaler it can be noticed that Content-Length header is misspelled in the response. To alter this behavior we can use another rewrite policywith priority 100 that has an action that can never be true. Note: Priority 120 and 100 is taken as examples...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/08/23 12:0 a.m.8 views

The vulnerability of the Android operating system allows a hacker to increase the priority of the intent-filter filter.

The vulnerability in the services/core/java/com/android/server/pm/PackageManagerService.java file of the Android operating system’s API is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to increase the priority of the intent-filter filter through a specially...

7.5CVSS7.7AI score0.00595EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/08/11 12:0 a.m.2 views

Python priority denial of service vulnerability

Python is a suite of open source, object-oriented programming languages from the Python Software Foundation. json is one of the modules that provides a lightweight format for exchanging data. priority is one of the modules used to implement ordering. A denial of service vulnerability exists in...

7.5CVSS8.1AI score0.01792EPSS
Exploits0References1
OSV
OSV
added 2016/08/05 8:59 p.m.4 views

CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.3CVSS5.8AI score0.00595EPSS
Exploits0References3
Prion
Prion
added 2016/08/05 8:59 p.m.21 views

Code injection

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.5CVSS6.8AI score0.00595EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/08/05 8:59 p.m.31 views

CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.5CVSS7.1AI score0.00595EPSS
Exploits0References3
OSV
OSV
added 2016/08/05 8:59 p.m.3 views

UBUNTU-CVE-2016-2497

services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...

7.3CVSS7.1AI score0.00595EPSS
Exploits0References4
Rows per page
Query Builder