Lucene search
K

107 matches found

Fedora
Fedora
added 2021/10/14 4:3 p.m.58 views

[SECURITY] Fedora 33 Update: openssh-8.4p1-8.fc33

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

7CVSS2AI score0.02367EPSS
Exploits2
Prion
Prion
added 2021/09/11 11:15 a.m.19 views

Remote code execution

A Remote Code Execution RCE vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class...

10CVSS9.9AI score0.05685EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2021/08/09 9:30 p.m.50 views

ADCSPwn - A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts Petitpotam and relaying to the certificate service. Usage Run ADCSPwn on your target network. authentication will be relayed to. Optional arguments: port - The port ADCSPwn will listen on...

8AI score
Exploits0References1
Fedora
Fedora
added 2021/06/26 1:8 a.m.135 views

[SECURITY] Fedora 33 Update: openssh-8.4p1-7.fc33

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

7.1CVSS2AI score0.03422EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2021/05/11 8:54 p.m.25 views

CVE-2021-3533

A flaw was found in Ansible if an ansible user sets ANSIBLEASYNCDIR to a subdirectory of a world writable directory . When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async...

5CVSS4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.32 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libexif Vulnerability (NS-SA-2020-0082)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libexif packages installed that are affected by a vulnerability: - An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. Thi...

9.1CVSS7.4AI score0.02684EPSS
Exploits0References2
Citrix
Citrix
added 2020/11/09 12:0 a.m.13 views

Citrix UPM Log Parser

Citrix UPM Log Parser v1.5 Created Date: Oct 8, 2009 Modified Date: Oct 4, 2016 Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Description Citrix UPM Log Parser has been designed to hel...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/10/13 12:0 a.m.23 views

NewStart CGSL MAIN 4.05 : spice-gtk Vulnerability (NS-SA-2020-0050)

The remote NewStart CGSL host, running version MAIN 4.05, has spice-gtk packages installed that are affected by a vulnerability: - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to...

8.8CVSS8.1AI score0.02363EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/07 12:0 a.m.38 views

NewStart CGSL MAIN 4.05 : ppp Vulnerability (NS-SA-2020-0052)

The remote NewStart CGSL host, running version MAIN 4.05, has ppp packages installed that are affected by a vulnerability: - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. CVE-2020-8597 Note that Nessus has not tested for thi...

9.8CVSS8.7AI score0.19431EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.31 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openjpeg2 Vulnerability (NS-SA-2020-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openjpeg2 packages installed that are affected by a vulnerability: - opjt1clbldecodeprocessor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue th...

8.8CVSS7.3AI score0.04932EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/01/20 12:0 a.m.49 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ntp Vulnerability (NS-SA-2020-0009)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ntp packages installed that are affected by a vulnerability: - NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service ntpd abort by using the same IP address...

7.1CVSS6.6AI score0.08948EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.17 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libcgroup Vulnerability (NS-SA-2019-0235)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libcgroup packages installed that are affected by a vulnerability: - libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information...

8.1CVSS6.4AI score0.02316EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.32 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : curl Vulnerability (NS-SA-2019-0193)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has curl packages installed that are affected by a vulnerability: - Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure an...

9.1CVSS7.2AI score0.02099EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/09/05 12:0 a.m.25 views

Fedora Update for python-mitogen FEDORA-2019-b25dd670a4

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.01632EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.42 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libvorbis Vulnerability (NS-SA-2019-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvorbis packages installed that are affected by a vulnerability: - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to...

8.8CVSS8.1AI score0.12054EPSS
Exploits0References2
Fedora
Fedora
added 2019/02/18 2:5 a.m.27 views

[SECURITY] Fedora 29 Update: gsi-openssh-7.9p1-5.fc29

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

8.1CVSS2.4AI score0.01202EPSS
Exploits1
Fedora
Fedora
added 2018/09/13 5:6 p.m.46 views

[SECURITY] Fedora 27 Update: openssh-7.6p1-6.fc27

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

5.3CVSS2AI score0.98631EPSS
Exploits23
ICS
ICS
added 2018/09/06 12:0 p.m.23 views

Ecava IntegraXor Directory Traversal

Overview This advisory is a follow-up to ICS-ALERT-10-355-01 - Ecava IntegraXor Directory Traversal, published on the ICS-CERT Web page on December 21, 2010. ICS-CERT has become aware of a directory traversal vulnerability in the Ecava IntegraXor Human-Machine Interface HMI product that could all...

7.3AI score
Exploits0References19
Fedora
Fedora
added 2018/08/14 9:14 p.m.40 views

[SECURITY] Fedora 28 Update: postgresql-10.5-1.fc28

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

8.5CVSS0.8AI score0.05154EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.20 views

Security Bulletin: Pre-processing and post-processing scripts can access the entire domain model of server or agent (CVE-2016-2942)

Summary IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will cause processes to run on a remote UCD agent machine. Vulnerability Details CVEID: CVE-2016-2942 DESCRIPTION: IBM UrbanCode Deploy could allow an...

7.5CVSS1.3AI score0.00818EPSS
Exploits0Affected Software1
Rows per page
Query Builder