
2518 matches found

OSV
added 2015/08/11 2:59 p.m. | Views: 1

DEBIAN-CVE-2015-3228

Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

CVSS 6.8 | AI score 8.1 | EPSS 0.03748
Exploits: 0 | References: 1

CNVD
added 2015/05/14 12:0 a.m. | Views: 2

Mozilla Firefox 'asm.js' Out-of-Bounds Read/Write Vulnerability

Mozilla Firefox is a popular open source web browser. Mozilla Firefox has an out-of-bounds read/write vulnerability in 'asm.js' when validating JavaScript, which allows remote attackers to exploit the vulnerability to construct a malicious web page that can be parsed by the user and can be used t...

CVSS 7.5 | AI score 7.4 | EPSS 0.03739
Exploits: 0 | References: 1

OpenVAS
added 2015/04/21 12:0 a.m. | Views: 32

Google Chrome Multiple Vulnerabilities-02 (Apr 2015) - Mac OS X

Google Chrome is prone to multiple vulnerabilities.

CVSS 7.5 | AI score 6.5 | EPSS 0.02702
Exploits: 4 | References: 5

NVD
added 2015/04/05 1:59 a.m. | Views: 19

CVE-2015-0932

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...

CVSS 10 | AI score 7.3 | EPSS 0.0559
Exploits: 1 | References: 4

Tenable Nessus
added 2015/03/30 12:0 a.m. | Views: 34

Mandriva Linux Security Advisory : freetype2 (MDVSA-2015:089)

Updated freetype2 packages fix security vulnerabilities: It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2_hintmap_build in the CFF rasterizing code, which could lead to a buffer overflow (CVE-2014-2240). It was also reported that Freetype...

CVSS 7.5 | AI score 7.7 | EPSS 0.06224
Exploits: 20 | References: 22

OpenVAS
added 2015/03/04 12:0 a.m. | Views: 28

Ubuntu: Security Advisory (USN-2506-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 9.7 | EPSS 0.04359
Exploits: 0 | References: 2

CNVD
added 2015/02/28 12:0 a.m. | Views: 1

KIE Workbench Arbitrary File Execution Vulnerability

KIE Workbench is a Java-based open source BPM (business process management) suite, released as a complete package that includes all the BPM and rules modules. An arbitrary file execution vulnerability exists in KIE Workbench 6.0.x that could allow an authenticated remote user to read or write...

CVSS 6.5 | AI score 7 | EPSS 0.01905
Exploits: 0 | References: 1

Tenable Nessus
added 2015/02/26 12:0 a.m. | Views: 33

SuSE 11.3 Security Update : unzip (SAT Patch Number 10344)

This update fixes the following security issues: input sanitization errors (bnc909214, CVE-2014-8139) and an out-of-bounds read/write in test_compr_eb (bnc914442, CVE-2014-9636).

CVSS 7.8 | AI score 6.2 | EPSS 0.11562
Exploits: 0 | References: 6

CVE
added 2015/02/20 4:0 p.m. | Views: 54

CVE-2014-8115

CVE-2014-8115 affects KIE Workbench 6.0.x (KIE Workbench) with insufficient authorization constraints that allow remote authenticated users to read or write arbitrary files via unknown vectors. The CVSS base score is 6.5 (Medium) with network attack vector and partial confidentiality/integrity/av...

CVSS 6.5 | AI score 6.8 | EPSS 0.01905
Exploits: 0 | References: 3 | Affected Software: 1

Debian
added 2015/02/12 11:10 a.m. | Views: 51

[SECURITY] [DLA-152-1] postgresql-8.4 update

Package : postgresql-8.4 Version : 8.4.22lts1-0+deb6u1 CVE ID : CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244 Several vulnerabilities were discovered in PostgreSQL, a relational database server system. The 8.4 branch is EOLed upstream, but still present in Debian squeeze. This new LTS...

CVSS 9.8 | AI score 8.4 | EPSS 0.05533
Exploits: 0

Tenable Nessus
added 2015/02/09 12:0 a.m. | Views: 37

Debian DSA-3155-1 : postgresql-9.1 - security update

Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. - CVE-2014-8161: Information leak A user with limited clearance on a table might have access to information in columns without SELECT rights on through server error messages. - CVE-2015-0241: Out of boundaries...

CVSS 9.8 | AI score 6.8 | EPSS 0.05533
Exploits: 0 | References: 10

OSV
added 2015/02/06 3:59 p.m. | Views: 6

AZL-35334 CVE-2014-9636 affecting package unzip for versions less than 6.0-20

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression...

CVSS 5 | AI score 6.7 | EPSS 0.11562
Exploits: 0 | References: 1

Debian
added 2015/02/06 1:30 p.m. | Views: 43

[SECURITY] [DSA 3155-1] postgresql-9.1 security update

Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq ...

CVSS 9.8 | AI score 8.1 | EPSS 0.05533
Exploits: 0

OSV
added 2015/02/06 12:0 a.m. | Views: 37

DSA-3155-1 postgresql-9.1 - security update

Bulletin has no description...

CVSS 9.8 | AI score 7.1 | EPSS 0.05533
Exploits: 0

CNVD
added 2015/01/28 12:0 a.m. | Views: 2

LibTIFF Out-of-Bounds Read/Write Denial of Service Vulnerability

LibTiff is an application library responsible for encoding/decoding TIFF image format. The use of the LibTiff library's "tiff2pdf" tool to process malformed TIFF images suffers from an out-of-bounds read/write vulnerability, which allows an attacker to exploit the vulnerability to build a malicio...

CVSS 8.8 | AI score 6.9 | EPSS 0.03907
Exploits: 1 | References: 1

securityvulns
added 2014/12/11 12:0 a.m. | Views: 46

[CVE-2014-7301] SGI Tempo System Database Password Exposure

SGI Tempo System Database Password Exposure Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7301 Author: John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Description It i...

AI score 6.8 | EPSS 0.00512
Exploits: 2

Packet Storm
added 2014/12/10 12:0 a.m. | Views: 49

SGI Tempo Database Password Disclosure

SGI Tempo System Database Password Exposure Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7301 Author: John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Description It i...

AI score 6.6 | EPSS 0.00512
Exploits: 2

OSV
added 2014/12/09 11:59 p.m. | Views: 8

CVE-2014-9066

Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than...

AI score 6
Exploits: 0 | References: 7

UbuntuCve
added 2014/12/09 11:59 p.m. | Views: 25

CVE-2014-9065

common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066...

CVSS 4.4 | AI score 7.2 | EPSS 0.00374
Exploits: 0 | References: 3

UbuntuCve
added 2014/12/09 12:0 a.m. | Views: 25

CVE-2014-8093

Multiple integer overflows in the GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to th...

CVSS 6.5 | AI score 7.2 | EPSS 0.04373
Exploits: 0 | References: 3