Lucene search
K

6683 matches found

Ubuntu
Ubuntu
added 2014/12/10 6:35 p.m.57 views

USN-2438-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...

7.5CVSS7.4AI score0.05192EPSS
Exploits0
OSV
OSV
added 2014/12/10 6:35 p.m.8 views

USN-2438-1 nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...

7.5CVSS7.4AI score0.05192EPSS
Exploits0References4
NVD
NVD
added 2014/12/10 3:59 p.m.25 views

CVE-2014-8298

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

7.5CVSS7.8AI score0.03038EPSS
Exploits0References2
OSV
OSV
added 2014/12/10 3:59 p.m.1 views

DEBIAN-CVE-2014-8298

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

7.5CVSS8AI score0.03038EPSS
Exploits0References1
Prion
Prion
added 2014/12/10 3:59 p.m.22 views

Server side request forgery (ssrf)

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

7.5CVSS8.4AI score0.03038EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2014/12/10 12:0 a.m.32 views

CVE-2014-8298

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

7.5CVSS6.2AI score0.03038EPSS
Exploits0References3
OSV
OSV
added 2014/12/10 12:0 a.m.1 views

UBUNTU-CVE-2014-8298

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service segmentation fault...

7.5CVSS6.2AI score0.03038EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2014/12/09 12:0 a.m.3 views

PT-2014-1854 · Xorg +5 · Xorg-X11-Server +14

Name of the Vulnerable Software and Affected Versions: xorg-x11-server versions 1.15.0 through 1.16.x before 1.16.3 xorg-x11-server-Xdmx version 1.15.0 xorg-x11-server-Xnest version 1.15.0 xorg-x11-server-Xephyr version 1.15.0 xorg-x11-server-source version 1.15.0 xorg-x11-server-debuginfo versio...

7.5CVSS7.5AI score0.05192EPSS
Exploits0References93
FreeBSD
FreeBSD
added 2014/12/09 12:0 a.m.35 views

xserver -- multiple issue with X client request handling

Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way the X server code base handles requests from X clients, and has worked with X.Org's security team to analyze, confirm, and fix these issues. The vulnerabilities cou...

6.5CVSS7.3AI score0.05192EPSS
Exploits0References1
OSV
OSV
added 2014/12/09 12:0 a.m.5 views

UBUNTU-CVE-2014-8103

X.Org Server aka xserver and xorg-server 1.15.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index value to the 1 sprocdri3queryversion, 2 sprocdri3open, 3...

6.5CVSS7.5AI score0.03379EPSS
Exploits0References4
OSV
OSV
added 2014/12/09 12:0 a.m.1 views

UBUNTU-CVE-2014-8094

Integer overflow in the ProcDRI2GetBuffers function in the DRI2 extension in X.Org Server aka xserver and xorg-server 1.7.0 through 1.16.x before 1.16.3 allows remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request, which triggers an...

6.5CVSS7.5AI score0.04299EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2014/12/03 12:0 a.m.36 views

NVIDIA UNIX driver -- remote denial of service or arbitrary code execution

NVIDIA Unix security team reports: The GLX indirect rendering support supplied on NVIDIA products is subject to the recently disclosed X.Org vulnerabilities CVE-2014-8093, CVE-2014-8098 as well as internally identified vulnerabilities CVE-2014-8298. Depending on how it is configured, the X server...

7.5CVSS7.7AI score0.05192EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/11/30 11:0 a.m.29 views

CVE-2014-8958

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...

4.3CVSS5.3AI score0.02441EPSS
Exploits0
OSV
OSV
added 2014/11/21 1:38 p.m.5 views

MGASA-2014-0480 Updated kdebase4-workspace packages fix security vulnerability and various bugs

This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14578, and fixes some additional issues: - fix foreground color for GTK2 menus bko127861, - improve contrast for rendering checkbox marks, arrows, etc. bko337433, -...

7.2CVSS6.3AI score0.00388EPSS
Exploits0References6
exploitpack
exploitpack
added 2014/11/17 12:0 a.m.27 views

Apple Mac OSX Safari 8.0 - Crash (PoC)

Apple Mac OSX Safari 8.0 - Crash PoC @w3bd3vil svg padding-top: 1337%; box-sizing: border-box; 0x7fff8ab10282: jae 0x7fff8ab1028c ; pthreadkill + 20 0x7fff8ab10284: movq %rax, %rdi 0x7fff8ab10287: jmp 0x7fff8ab0bca3 ; cerrornocancel 0x7fff8ab1028c: retq lldb register read General Purpose Register...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.42 views

openSUSE Security Update : chromium (openSUSE-SU-2014:1378-1)

Update to Chromium 38.0.2125.101 This update includes 159 security fixes, including 113 relatively minor fixes. Highlighted securtiy fixes are: CVE-2014-3188: A combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox CVE-2014-3189: Out-of-bounds read in PDFium...

10CVSS7.4AI score0.0595EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2014/11/03 12:0 a.m.30 views

openSUSE Security Update : firefox / mozilla-nspr / mozilla-nss (openSUSE-SU-2014:1344-1)

update to Firefox 33.0 bnc900941 New features : - OpenH264 support sandboxed - Enhanced Tiles - Improved search experience through the location bar - Slimmer and faster JavaScript strings - New CSP Content Security Policy backend - Support for connecting to HTTP proxy over HTTPS - Improved...

10CVSS7.9AI score0.05811EPSS
Exploits1References37
Tenable Nessus
Tenable Nessus
added 2014/11/03 12:0 a.m.30 views

openSUSE Security Update : firefox / mozilla-nspr / mozilla-nss and seamonkey (openSUSE-SU-2014:1345-1)

update to Firefox 33.0 bnc900941 New features : - OpenH264 support sandboxed - Enhanced Tiles - Improved search experience through the location bar - Slimmer and faster JavaScript strings - New CSP Content Security Policy backend - Support for connecting to HTTP proxy over HTTPS - Improved...

10CVSS7.9AI score0.05811EPSS
Exploits1References37
Fedora
Fedora
added 2014/11/01 4:48 p.m.9 views

[SECURITY] Fedora 21 Update: webkitgtk3-2.4.7-1.fc21

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

1.8AI score
Exploits0
Fedora
Fedora
added 2014/11/01 4:41 p.m.9 views

[SECURITY] Fedora 21 Update: webkitgtk4-2.6.2-1.fc21

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

1.8AI score
Exploits0
Rows per page
Query Builder