Lucene search
K

2531 matches found

RedHat Linux
RedHat Linux
added 2016/05/10 4:48 a.m.49 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/10 4:19 a.m.46 views

Important: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References2
0day.today
0day.today
added 2016/05/09 12:0 a.m.48 views

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

Exploit for windows platform in category dos / poc / Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers,...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/05/09 12:0 a.m.81 views

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

/ Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers, ASMMAP.sys / ASMMAP64.sys, the version resources...

7.4AI score
Exploits0
OSV
OSV
added 2016/04/27 5:59 p.m.3 views

DEBIAN-CVE-2016-0774

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux RHEL 7.1 do not properly consider the side effects of failed...

6.8CVSS6.8AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/15 12:0 a.m.4 views

Unspecified Vulnerability in Adobe Creative Cloud Desktop JavaScript API for Creative Cloud Libraries

Adobe Creatie Cloud Desktop is a suite of applications for managing applications and services in the Creative Cloud Member Management Center from Adobe USA. A security vulnerability exists in Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop 3.5.1.209...

9.4CVSS6.9AI score0.02769EPSS
Exploits0References1
Prion
Prion
added 2016/04/14 3:59 p.m.17 views

Code injection

The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service libvirtd crash by triggering a failed unlink after creating a volume on a rootsquash NFS pool...

4CVSS6.6AI score0.0137EPSS
Exploits0References2Affected Software2
Samba
Samba
added 2016/04/12 12:0 a.m.410 views

SAMR and LSA man in the middle attacks possible

The Security Account Manager Remote Protocol MS-SAMR and the Local Security Authority Domain Policy Remote Protocol MS-LSAD are both vulnerable to man in the middle attacks. Both are application level protocols based on the generic DCE 1.1 Remote Procedure Call DCERPC protocol. These protocols ar...

6.8CVSS2.3AI score0.3693EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.23 views

openSUSE Security Update : ghostscript (openSUSE-2016-427)

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...

6.8CVSS7.8AI score0.03748EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/04/06 12:0 a.m.12 views

The vulnerability of the glibc implementation library, which allows attackers to increase their privileges

The vulnerability of the ptchown function in the glibc execution library arises from the lack of namespace checking related to the file descriptor passed as an argument. Exploiting this vulnerability allows a local attacker to record keyboard input, replace data, or potentially increase their...

7.2CVSS7.6AI score0.01081EPSS
Exploits2References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.5 views

The vulnerability of the Apache Tomcat application server allows a attacker to cause a service failure.

The vulnerability of the setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java of the Apache Tomcat application server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent access...

6.5CVSS7.1AI score0.11297EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/03/02 12:0 a.m.7 views

The vulnerability of the iOS operating system, which allows a hacker to read or write data in cookies

The vulnerability of the WebSheet component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to read or write cookie data through a specially created authentication portal...

5.8CVSS6.2AI score0.01266EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/02/09 1:5 p.m.7 views

MGASA-2016-0057 Updated radicale packages fix CVE-2015-8748

Updated radicale package fixes security vulnerabilities: If an attacker is able to authenticate with a user name like .', he can bypass read/write limitations imposed by regex-based rules, including the built-in rules ownerwrite' read for everybody, write for the calendar owner and owneronly' rea...

5.3CVSS6.3AI score0.02219EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/02/08 12:0 a.m.46 views

Debian Security Advisory DSA 3471-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...

9.3CVSS1AI score0.0773EPSS
Exploits4References1
OSV
OSV
added 2016/02/01 11:59 a.m.4 views

CVE-2016-1730

WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal...

5.4CVSS5.8AI score0.01266EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/01/28 4:13 p.m.1 views

Qemu: nvram: OOB r/w access in processing firmware configurations

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/01/28 4:13 p.m.48 views

Important: Red Hat Security Advisory: qemu-kvm security and bug fix update

Updated qemu-kvm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS7.6AI score0.06085EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/01/28 3:56 p.m.3 views

Qemu: nvram: OOB r/w access in processing firmware configurations

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/01/28 3:55 p.m.2 views

Qemu: nvram: OOB r/w access in processing firmware configurations

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/01/28 3:55 p.m.4 views

Qemu: nvram: OOB r/w access in processing firmware configurations

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References4
Rows per page
Query Builder