
6681 matches found

Tenable Nessus
added 2017/01/23 12:0 a.m., 34 views

Fedora 25 : webkitgtk4 (2017-b015aa1d33)

This update addresses the following vulnerabilities : - CVE-2016-7656, CVE-2016-7635, CVE-2016-7654, CVE-2016-7639, CVE-2016-7645, CVE-2016-7652, CVE-2016-7641, CVE-2016-7632, CVE-2016-7599, CVE-2016-7592, CVE-2016-7589, CVE-2016-7623, CVE-2016-7586 Additional fixes : - Create GLX OpenGL contexts...

CVSS 8.8, AI score 6.5, EPSS 0.02039
Exploits: 0, References: 14

Fedora
added 2017/01/20 6:11 p.m., 36 views

[SECURITY] Fedora 25 Update: webkitgtk4-2.14.3-1.fc25

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

CVSS 8.8, AI score 1.8, EPSS 0.02039
Exploits: 0

Tenable Nessus
added 2017/01/12 12:0 a.m., 46 views

Adobe Acrobat < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01) (macOS)

The version of Adobe Acrobat installed on the remote macOS or Mac OS X host is prior to 11.0.19, 15.006.30279, or 15.023.20053. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist due to improper validation of unspecified input. An unauthenticated,...

CVSS 10, AI score 7.7, EPSS 0.24158
Exploits: 0, References: 32

Microsoft KB
added 2017/01/10 8:0 a.m., 36 views

January 10, 2017—KB3210721 (OS Build 10586.753)

January 10, 2017—KB3210721 OS Build 10586.753 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed security issues related to Microsoft Edge. If you installed earlier updates, only th...

CVSS 8.8, AI score 8.8, EPSS 0.1489
Exploits: 1

Microsoft KB
added 2017/01/10 8:0 a.m., 33 views

January 10, 2017—KB3210720 (OS Build 10240.17236)

January 10, 2017—KB3210720 OS Build 10240.17236 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed security issues related to Microsoft Edge If you installed earlier updates, only t...

CVSS 8.8, AI score 8.7, EPSS 0.1489
Exploits: 1

Microsoft KB
added 2017/01/10 8:0 a.m., 46 views

January 10, 2017—KB3213986 (OS Build 14393.693)

January 10, 2017—KB3213986 OS Build 14393.693 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of Groove Music playback in the background, App-V, video playback and...

CVSS 8.8, AI score 8.9, EPSS 0.1489
Exploits: 1

Microsoft KB
added 2017/01/07 12:0 a.m., 36 views

MS12-078: Description of the security update for the Windows OpenType Compact Font Format (CFF) driver: December 11, 2012

MS12-078: Description of the security update for the Windows OpenType Compact Font Format (CFF) driver: December 11, 2012 INTRODUCTION Microsoft has released security bulletin MS12-078. To view the complete security bulletin, go to one of the following Microsoft websites: Home users:...

AI score 6.4
Exploits: 0

OSV
added 2017/01/06 9:59 p.m., 4 views

CVE-2016-4295

When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overflow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the...

CVSS 7.8, AI score 6.3, EPSS 0.02232
Exploits: 2, References: 2

Veracode
added 2016/12/19 9:0 a.m., 7 views

Cross-site Scripting (XSS)

cookie-flash-messages is vulnerable to cross-site scripting (XSS) attacks. These attacks are possible because data is rendered directly onto the screen from the cookie. If a malicious user were to tamper with the cookie to contain code, this code could be executed...

AI score 5.8
Exploits: 0

Microsoft KB
added 2016/12/13 8:0 a.m., 49 views

MS16-148: Description of the security update for Excel 2013: December 13, 2016

MS16-148: Description of the security update for Excel 2013: December 13, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

CVSS 7.8, AI score 7.5, EPSS 0.58204
Exploits: 1

Check Point Advisories
added 2016/12/13 12:0 a.m., 7 views

Microsoft Browser Scripting Engine Memory Corruption (MS16-145: CVE-2016-7287)

A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

CVSS 7.6, AI score 4, EPSS 0.68715
Exploits: 1

OSV
added 2016/12/11 12:0 a.m., 4 views

UBUNTU-CVE-2016-9426

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Integer overflow vulnerability in the renderTable function in w3m allows remote attackers to cause a denial of service (OOM) and possibly execute arbitrary code due to bdwgc's bug (CVE-2016-9427) via a crafted HTML page...

CVSS 8.8, AI score 7.7, EPSS 0.02866
Exploits: 0, References: 5

RedHat Linux
added 2016/12/07 7:8 p.m., 4 views

chromium-browser: local file access in pdfium

PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file...

CVSS 6.5, AI score 7.4, EPSS 0.01121
Exploits: 0, References: 5

Jake Archibald's Blog
added 2016/12/06 1:5 p.m., 11 views

Fun hacks for faster content

A few weeks ago I was at Heathrow airport getting a bit of work done before a flight, and I noticed something odd about the performance of GitHub: It was quicker to open links in a new window than simply click them. Here's a video I took at the time: GitHub link click vs new tab Here I click a...

AI score 6.8
Exploits: 0

Snyk
added 2016/12/06 12:0 a.m., 3 views

Cross-site Scripting (XSS)

Overview ejs is a popular JavaScript templating engine. Affected versions of the package are vulnerable to Cross-site Scripting by letting the attacker under certain conditions control and override the filename option causing it to render the value as is, without escaping it. You can read more...

CVSS 5.9, AI score 6.9
Exploits: 0, References: 2

Fedora
added 2016/12/01 10:21 p.m., 40 views

[SECURITY] Fedora 23 Update: zathura-pdf-mupdf-0.3.0-3.fc23

This plugin adds PDF support to zathura using the mupdf rendering engine...

CVSS 9.8, AI score 2, EPSS 0.03023
Exploits: 6

Snyk
added 2016/12/01 6:44 p.m., 3 views

Remote Code Execution (RCE)

Overview ejs is a popular JavaScript templating engine. Affected versions of the package are vulnerable to Remote Code Execution by letting the attacker under certain conditions control the source folder from which the engine renders include files. You can read more about this vulnerability on th...

CVSS 8.1, AI score 7.7
Exploits: 0, References: 2

myhack58
added 2016/12/01 12:0 a.m., 40 views

The most common XSS exploits in React applications and their defenses - vulnerability warning - the black bar safety net

The author has long been a committed user of the React technology stack, and therefore pays attention to topics related to React application security. In my own React+Redux+Webpack2 scaffolding, the third level also makes heavy use of server-side rendering/isomorphic direct-output techniques...

AI score 7
Exploits: 0

OpenVAS
added 2016/11/29 12:0 a.m., 16 views

Foreman < 1.11.1 Information Disclosure Vulnerability

Foreman is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:theforeman:foreman";...

CVSS 8.1, AI score 8, EPSS 0.02131
Exploits: 0, References: 1

Tenable Nessus
added 2016/11/28 12:0 a.m., 50 views

CentOS 7 : poppler (CESA-2016:2580)

An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 9.3, AI score 7.4, EPSS 0.04557
Exploits: 0, References: 2