Lucene search
K

124 matches found

Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.24 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.0122EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/11/08 12:0 a.m.28 views

Debian DSA-4023-1 : slurm-llnl - security update

Ryan Day discovered that the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...

7.8CVSS7.7AI score0.00578EPSS
Exploits0References4
Debian
Debian
added 2017/11/07 10:22 p.m.28 views

[SECURITY] [DSA 4023-1] slurm-llnl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4023-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2017 https://www.debian.org/security/faq -...

7.2CVSS1.5AI score0.00578EPSS
Exploits0
Debian
Debian
added 2017/11/07 10:22 p.m.37 views

[SECURITY] [DSA 4023-1] slurm-llnl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4023-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2017 https://www.debian.org/security/faq -...

7.8CVSS7.8AI score0.00578EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/11/01 5:29 p.m.31 views

CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

7.8CVSS7.1AI score0.00578EPSS
Exploits0References4
OSV
OSV
added 2017/11/01 5:29 p.m.23 views

CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

7.8CVSS7.9AI score
Exploits0References3
OSV
OSV
added 2017/11/01 5:29 p.m.4 views

UBUNTU-CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

7.8CVSS7.1AI score0.00578EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2017/11/01 5:0 p.m.37 views

CVE-2017-15566

Removed by vendor...

7.8CVSS8.2AI score0.00578EPSS
Exploits0
pentestit
pentestit
added 2017/08/29 8:26 p.m.161 views

Pharos: A Static Binary Analysis Framework

PenTestIT RSS Feed All of us know what static binary analysis means. It means that the analysis of the binary is performed without actually executing it. Almost two years ago, an open source framework - Pharos, was created by the Carnegie Mellon SEI, CERT Division in collaboration with the Lawren...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/04/28 12:0 a.m.57 views

Debian DLA-921-1 : slurm-llnl security update

With this vulnerability arbitrary files can be overwritten on nodes running jobs provided that the user can run a job that is able to trigger a failure of a Prolog script. For Debian 7 'Wheezy', these problems have been fixed in version 2.3.4-2+deb7u1. We recommend that you upgrade your slurm-lln...

8.1CVSS8.3AI score0.02483EPSS
Exploits0References3
CNVD
CNVD
added 2017/01/09 12:0 a.m.7 views

SLURM Prolog Security Bypass Vulnerability

Slurm is an open source and highly scalable cluster management and job scheduling system for large and small Linux clusters. A security bypass vulnerability exists in Slurm. An attacker can exploit this vulnerability to perform unauthorized operations bypassing security restrictions...

8.1CVSS6.9AI score0.02483EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/01/05 11:59 a.m.28 views

CVE-2016-10030

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...

8.1CVSS7.2AI score0.02483EPSS
Exploits0References5
Prion
Prion
added 2017/01/05 11:59 a.m.19 views

Design/Logic Flaw

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...

7.6CVSS6.9AI score0.02483EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/01/05 11:59 a.m.2 views

UBUNTU-CVE-2016-10030

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...

8.1CVSS7.4AI score0.02483EPSS
Exploits0References6
OSV
OSV
added 2017/01/05 11:59 a.m.23 views

CVE-2016-10030

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...

8.1CVSS6.7AI score
Exploits0References3
Cvelist
Cvelist
added 2017/01/05 11:0 a.m.28 views

CVE-2016-10030

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...

8.8AI score0.02483EPSS
Exploits0References3
CVE
CVE
added 2017/01/05 11:0 a.m.77 views

CVE-2016-10030

CVE-2016-10030 affects Slurm: the Prolog failure handling in slurmd/req.c can let a user influence an arbitrary file if they can cause or anticipate a Prolog script failure on a compute node. Affected versions span Slurm up to present in 0.6.0 onwards, with fixed ranges listed as: before 15.08.13...

8.1CVSS8.2AI score0.02483EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2017/01/05 11:0 a.m.43 views

CVE-2016-10030

Removed by vendor...

8.1CVSS8.8AI score0.02483EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.16 views

Gentoo Security Advisory GLSA 201312-05

Gentoo Linux Local Security Checks GLSA 201312-05 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS5AI score0.04019EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/12/06 12:0 a.m.16 views

GLSA-201312-05 : SWI-Prolog : Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201312-05 SWI-Prolog : Multiple vulnerabilities Multiple vulnerabilities have been discovered in SWI-Prolog: An error in the canoniseFileName function could cause a stack-based buffer overflow CVE-2012-6089. An error in the expand...

7.5CVSS6.7AI score0.04019EPSS
Exploits0References3
Rows per page
Query Builder