Lucene search
K

2551 matches found

RedHat Linux
RedHat Linux
added 2016/01/28 3:40 p.m.38 views

Important: Red Hat Security Advisory: qemu-kvm security update

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.1CVSS7.6AI score0.06085EPSS
Exploits0References2
CNVD
CNVD
added 2016/01/23 12:0 a.m.6 views

Apple iOS WebKit COOKIE Read/Write Vulnerability

Apple iOS is Apple's operating system for several smart devices. A security vulnerability exists in Apple iOS that could allow an attacker to construct a malicious web page, trick users into parsing it, and read and write COOKIEs to the target system...

5.8CVSS6.5AI score0.01266EPSS
Exploits0References1
canvas
canvas
added 2016/01/13 5:59 a.m.548 views

Immunity Canvas: MS16_006_SILVERLIGHT

Name| ms16006silverlight ---|--- CVE| CVE-2016-0034 Exploit Pack| CANVAS Description| ms16006silverlight Notes| CVE Name: CVE-2016-0034 VENDOR: Microsoft Notes: This module exploits a mishandling of negative offsets during a decoding. This situation could be exploited to overwrite with controlled...

9.3CVSS1.4AI score0.69709EPSS
Exploits1
OSV
OSV
added 2016/01/12 12:0 a.m.2 views

UBUNTU-CVE-2016-1714

The 1 fwcfgwrite and 2 fwcfgread functions in hw/nvram/fwcfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAPSYSRAWIO privilege to cause a denial of service out-of-bounds read or write access and process crash or possibly...

8.1CVSS7.6AI score0.06085EPSS
Exploits0References4
CNVD
CNVD
added 2015/12/20 12:0 a.m.5 views

Cisco Videoscape Distribution Suite Service Manager Security Bypass Vulnerability

Cisco Videoscape Distribution Suite Service Manager is a suite of reporting and analysis tools for VDS products from Cisco in the United States. Cisco Videoscape Distribution Suite Service Manager fails to use RBAC control over back-end database access in real-time, allowing remote attackers to...

6.5CVSS6.9AI score0.00952EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/20 12:0 a.m.5 views

Kaspersky Total Security Security Bypass Vulnerability

Kaspersky Total Security is a comprehensive multi-device version of the Russian antivirus program. The Kaspersky Total Security program protects user-mode processes by allocating memory with Read, Write, Execute RWX privileges in predictable addresses, allowing an attacker to exploit this...

6.4CVSS6.9AI score0.0149EPSS
Exploits1References1
CNVD
CNVD
added 2015/12/09 12:0 a.m.5 views

Microsoft Silverlight RCE Vulnerability

Microsoft Silverlight is a development platform from Microsoft. The platform can build interactive applications for the Web, desktop and mobile devices. A security vulnerability exists in Microsoft Silverlight, which arises from the program's failure to properly handle certain open and close...

9.3CVSS6.9AI score0.14122EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.8 views

The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows a perpetrator to read and write files or execute JASIC code.

The vulnerability of the debugging interface of Microprogramming Software for Control System Chains of Janitza UMG models 508, 509, 511, 604, and 605 is related to the absence of an authentication procedure. Exploiting this vulnerability allows a malicious actor to read and write files, or execut...

7.5CVSS5.7AI score0.01623EPSS
Exploits0References2
Elastic
Elastic
added 2015/11/18 10:46 p.m.6 views

Kibana Cross-site Request Forgery CVE-2015-8131

CVE: CVE-2015-8131 Affected versions: All versions up to and including 4.1.2 and 4.2.0. The vulnerability is a cross-site request forgery CSRF or XSRF that could allow an attacker to read and write changes to the .kibana index or gain read and write access to Kibana plugin actions. Remediation: A...

6.8CVSS6.9AI score0.0088EPSS
Exploits0
Fedora
Fedora
added 2015/11/13 10:57 p.m.38 views

[SECURITY] Fedora 23 Update: libsndfile-1.0.25-17.fc23

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

9.3CVSS2.3AI score0.13294EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/10/30 12:0 a.m.38 views

openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...

7.2CVSS7AI score0.05059EPSS
Exploits5References21
CNVD
CNVD
added 2015/10/18 12:0 a.m.4 views

QNAP Systems QNAP QTS Directory Traversal Vulnerability

QNAP Systems QNAP QTS is a Turbo NAS operating system from QNAP Systems. A directory traversal vulnerability exists in QNAP Systems QNAP QTS. When AFP is enabled in the program, a remote attacker can read or write arbitrary files by submitting a special directory traversal request while accessing...

9.3CVSS7.1AI score0.04077EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.21 views

Oracle: Security Advisory (ELSA-2015-3037)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00609EPSS
Exploits0References3
OSV
OSV
added 2015/08/11 2:59 p.m.1 views

DEBIAN-CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

6.8CVSS8.1AI score0.03748EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/14 12:0 a.m.4 views

Mozilla Firefox 'asm.js' Out-of-Bounds Read/Write Vulnerability

Mozilla Firefox is a popular open source WEB browser. Mozilla Firefox has an out-of-bounds read/write vulnerability in 'asm.js' when validating Javascript, which allows remote attackers to exploit the vulnerability to construct a malicious web page that can be parsed by the user and can be used t...

7.5CVSS7.4AI score0.03739EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/04/21 12:0 a.m.32 views

Google Chrome Multiple Vulnerabilities-02 (Apr 2015) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

7.5CVSS6.5AI score0.02702EPSS
Exploits4References5
NVD
NVD
added 2015/04/05 1:59 a.m.21 views

CVE-2015-0932

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...

10CVSS7.3AI score0.0559EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.34 views

Mandriva Linux Security Advisory : freetype2 (MDVSA-2015:089)

Updated freetype2 packages fix security vulnerabilities : It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow CVE-2014-2240. It was also reported that Freetype...

7.5CVSS7.7AI score0.06275EPSS
Exploits20References22
OpenVAS
OpenVAS
added 2015/03/04 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-2506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.7AI score0.04359EPSS
Exploits0References2
CNVD
CNVD
added 2015/02/28 12:0 a.m.3 views

KIE Workbench Arbitrary File Execution Vulnerability

KIE Workbench is a set of JAVA-based development of open source BPM business process management of the complete release , including all the BPM and rules module . An arbitrary file execution vulnerability exists in KIE Workbench 6.0.x that could allow an authenticated remote user to read or write...

6.5CVSS7AI score0.01905EPSS
Exploits0References1
Rows per page
Query Builder