Lucene search
K

1624 matches found

Openbugbounty
Openbugbounty
added 2017/01/29 10:52 p.m.11 views

etnews.com XSS vulnerability

Vulnerable URL: http://www.etnews.com/tools/refreshscript.html?src='"--!...

6.9AI score
Exploits0
Citrix
Citrix
added 2017/01/24 12:0 a.m.6 views

Citrix Receiver refreshes and comes to foreground of the screen

Once Receiver is configured with URL it refreshes automatically. Change in refresh rate of the Receiver interrupts users when working on other apps...

7.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.6 views

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1

Update Rollup 11 for System Center 2012 Virtual Machine Manager Service Pack 1 Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 SP1. There is one update available for System Center 2012 SP1...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.36 views

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Virtual Machine Manager. Two updates are available for System Center 2012 R2 Virtual Machine Manager. One update i...

7.1AI score
Exploits0
OSV
OSV
added 2016/09/22 10:59 p.m.2 views

DEBIAN-CVE-2016-5277

Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by leveraging improper interaction between...

9.8CVSS9.2AI score0.04008EPSS
Exploits0References1
Lenovo
Lenovo
added 2016/07/22 12:0 a.m.13 views

Row Hammer Privilege Escalation - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2016/07/12 7:0 a.m.93 views

MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016

MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

9.3CVSS8.2AI score0.26291EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.4 views

The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code or trigger a service denial.

Mozilla Firefox ESR’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating server permissions...

10CVSS7.6AI score0.04648EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.

Mozilla Thunderbird’s software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. If exploited, an attacker can execute arbitrary code or cause service interruptions by manipulating server permissions...

10CVSS7.6AI score0.04648EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/06/15 12:0 a.m.18 views

openSUSE Security Update : clamav-database (openSUSE-2016-726)

This update for clamav-database refreshes the database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-726...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.15 views

openSUSE Security Update : clamav-database (openSUSE-2016-451)

This update provides a database refresh for the clamav-database. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.32 views

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

6.8CVSS7.1AI score0.03666EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.31 views

RedHat Update for sssd RHSA-2015:2355-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.03666EPSS
Exploits0References2
OSV
OSV
added 2015/11/06 9:59 p.m.1 views

DEBIAN-CVE-2015-5225

Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...

7.2CVSS8.3AI score0.00533EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/09/14 4:22 a.m.5 views

Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface

A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vncrefreshserversurface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...

7.2CVSS7.9AI score0.00533EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/08/25 12:0 a.m.33 views

CVE-2015-5225

Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...

7.2CVSS7AI score0.00533EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/07 12:0 a.m.229 views

Mac OS X Multiple EFI Vulnerabilities (EFI Security Update 2015-001)

The remote Mac OS X host is running EFI firmware that is affected by multiple vulnerabilities : - An insufficient locking issue exists, when resuming from sleep states, which allows a local attacker to write to the EFI flash memory by using an crafted application with root privileges. CVE-2015-36...

9.3CVSS6.2AI score0.07659EPSS
Exploits0References3
Prion
Prion
added 2015/07/03 2:0 a.m.20 views

Design/Logic Flaw

Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message...

4.3CVSS6.2AI score0.01913EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2015/07/03 1:59 a.m.23 views

Memory corruption

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service memory corruption, by...

9.3CVSS7.1AI score0.07659EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2015/07/03 1:0 a.m.65 views

CVE-2015-3710

CVE-2015-3710 affects Apple Mail on iOS <= 8.3/8.4? and OS X

4.3CVSS3.7AI score0.01913EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder