Lucene search
K

2520 matches found

Tenable Nessus
Tenable Nessus
added 2016/05/31 12:0 a.m.32 views

Adobe Creative Cloud <= 3.5.1.209 Arbitrary File Read/Write Vulnerability (Mac OS X)

The version of Adobe Creative Cloud installed on the remote Mac OS X host is prior or equal to 3.5.1.209. It is, therefore, affected by a flaw in the JavaScript API for Creative Cloud Libraries due to an exposed service. An unauthenticated, remote attacker can exploit this to read or write...

9.4CVSS8.6AI score0.02769EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/31 12:0 a.m.35 views

Adobe Creative Cloud <= 3.5.1.209 Arbitrary File Read/Write Vulnerability

The version of Adobe Creative Cloud installed on the remote Windows host is prior or equal to 3.5.1.209. It is, therefore, affected by a flaw in the JavaScript API for Creative Cloud Libraries due to an exposed service. An unauthenticated, remote attacker can exploit this to read or write arbitra...

9.4CVSS7.5AI score0.02769EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/05/31 12:0 a.m.6 views

The vulnerability of the Windows operating system allows a perpetrator to bypass the protection mechanisms of Virtual Secure Mode Hypervisor Code Integrity.

The vulnerability of the Windows operating system is related to errors in security settings. Exploiting this vulnerability allows a malicious actor to bypass the Virtual Secure Mode Hypervisor Code Integrity protection mechanism and execute RWX page marking using a specially created application...

2.1CVSS6.3AI score0.01516EPSS
Exploits0References2
Mageia
Mageia
added 2016/05/18 8:14 p.m.52 views

Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. ...

9.8CVSS8.7AI score0.06359EPSS
Exploits0References8
CNVD
CNVD
added 2016/05/12 12:0 a.m.4 views

Microsoft Windows HVCI Security Bypass Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security bypass vulnerability exists in Microsoft Windows 10 Gold and 1511, which stems from a program failing to properly allow certain kernel-mode pages to be marked as Read, Write, and Execute RWX....

5.5CVSS6.6AI score0.01516EPSS
Exploits0References1
OSV
OSV
added 2016/05/11 1:59 a.m.5 views

CVE-2016-0181

Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity HVCI protection mechanism and perform RWX markings of kernel-mode pages via a crafted application, aka "Hypervisor Code Integrity Security Feature Bypass."...

5.5CVSS5.8AI score0.01516EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/11 12:0 a.m.50 views

CentOS 7 : qemu-kvm (CESA-2016:0724)

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7.9AI score0.00923EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/05/11 12:0 a.m.28 views

Microsoft Windows Virtual Secure Mode Security Feature Bypass vulnerability (3155451)

This host is missing an important security update according to Microsoft Bulletin MS16-066. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.5CVSS6AI score0.01516EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/05/10 5:4 a.m.30 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8.8CVSS7.5AI score0.00923EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/10 4:48 a.m.48 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.5AI score0.00923EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/10 4:19 a.m.46 views

Important: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7.5AI score0.00923EPSS
Exploits0References2
0day.today
0day.today
added 2016/05/09 12:0 a.m.48 views

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

Exploit for windows platform in category dos / poc / Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers,...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/09 12:0 a.m.81 views

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

/ Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers, ASMMAP.sys / ASMMAP64.sys, the version resources...

7.4AI score
Exploits0
OSV
OSV
added 2016/04/27 5:59 p.m.2 views

DEBIAN-CVE-2016-0774

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux RHEL 7.1 do not properly consider the side effects of failed...

6.8CVSS6.8AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/15 12:0 a.m.3 views

Unspecified Vulnerability in Adobe Creative Cloud Desktop JavaScript API for Creative Cloud Libraries

Adobe Creatie Cloud Desktop is a suite of applications for managing applications and services in the Creative Cloud Member Management Center from Adobe USA. A security vulnerability exists in Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop 3.5.1.209...

9.4CVSS6.9AI score0.02769EPSS
Exploits0References1
Prion
Prion
added 2016/04/14 3:59 p.m.17 views

Code injection

The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service libvirtd crash by triggering a failed unlink after creating a volume on a rootsquash NFS pool...

4CVSS6.6AI score0.0137EPSS
Exploits0References2Affected Software2
Samba
Samba
added 2016/04/12 12:0 a.m.410 views

SAMR and LSA man in the middle attacks possible

The Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD are both vulnerable to man in the middle attacks. Both are application level protocols based on the generic DCE 1.1 Remote Procedure Call DCERPC protocol. These protocols ar...

6.8CVSS2.3AI score0.3693EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.23 views

openSUSE Security Update : ghostscript (openSUSE-2016-427)

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...

6.8CVSS7.8AI score0.03748EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/04/06 12:0 a.m.10 views

The vulnerability of the glibc implementation library, which allows attackers to increase their privileges

The vulnerability of the ptchown function in the glibc execution library arises from the lack of namespace checking related to the file descriptor passed as an argument. Exploiting this vulnerability allows a local attacker to record keyboard input, replace data, or potentially increase their...

7.2CVSS7.6AI score0.01081EPSS
Exploits2References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.4 views

The vulnerability of the Apache Tomcat application server allows a attacker to cause a service failure.

The vulnerability of the setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java of the Apache Tomcat application server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent access...

6.5CVSS7.1AI score0.11297EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder