Lucene search
+L

152 matches found

cvelist
cvelist
added 2020/03/25 9:14 p.m.17 views

CVE-2020-6806

By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...

9.2AI score0.02543EPSS
Exploits0References7
bdu_fstec
bdu_fstec
added 2020/03/20 12:0 a.m.5 views

The vulnerability of Intel Graphics Drivers’ installers is related to incorrect default resolutions, which allow attackers to exploit their privileges.

The vulnerability of Intel Graphics Drivers’ installers is related to incorrect default resolutions. Exploiting this vulnerability can allow attackers to increase their privileges...

6.7CVSS6.5AI score0.00308EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2020/03/16 1:41 p.m.6 views

Mozilla: BodyStream:: OnInputStreamReady was missing protections against state confusion

The Mozilla Foundation Security Advisory describes this flaw as: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash...

8.8CVSS7.3AI score0.02543EPSS
Exploits0References5
redhat
redhat
added 2020/03/16 10:0 a.m.7 views

Mozilla: BodyStream:: OnInputStreamReady was missing protections against state confusion

The Mozilla Foundation Security Advisory describes this flaw as: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash...

8.8CVSS7.3AI score0.02543EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2020/03/11 12:0 a.m.39 views

CVE-2020-6806

By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6...

8.8CVSS7.2AI score0.02543EPSS
Exploits0References6
fedora
fedora
added 2020/02/09 1:32 a.m.12 views

[SECURITY] Fedora 31 Update: libasr-1.0.4-1.fc31

Libasr allows to run DNS queries and perform hostname resolutions in a fully asynchronous fashion. The implementation is thread-less, fork-less, and doe s not make use of signals or other "tricks" that might get in the developer's way. The API was initially developed for the OpenBSD operating...

0.2AI score
Exploits0
openvas
openvas
added 2020/02/09 12:0 a.m.10 views

Fedora: Security Advisory for libasr (FEDORA-2020-270ef80e9e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
thn
thn
added 2020/01/22 3:55 p.m.4 views

250 Million Microsoft Customer Support Records Exposed Online

If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million "Customer Service and Support" CSS records on...

5.8AI score
Exploits0
virtuozzo
virtuozzo
added 2019/11/21 12:0 a.m.54 views

Product update: Virtuozzo Infrastructure Platform 3.0 Update 4 (3.0.4-63)

This update provides bug fixes and improvements. Vulnerability id: VSTOR-26618, VSTOR-27446 Update Storage config files could be overwritten during the update. Vulnerability id: VSTOR-26621 Storage CS removal could get stuck in the "failed release" state. Vulnerability id: VSTOR-26764, VSTOR-2683...

0.9AI score
Exploits0
bdu_fstec
bdu_fstec
added 2019/10/01 12:0 a.m.5 views

The vulnerability of the kscreen utility for supporting multiple monitor configurations in the Astra Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the kscreen utility for supporting multiple monitors in the Astra Linux operating system is related to scaling errors when changing screen resolutions. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

4.3CVSS5.6AI score
Exploits0References1
osv
osv
added 2019/08/23 2:15 p.m.6 views

CVE-2019-11586

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS6AI score0.00647EPSS
Exploits0References1
prion
prion
added 2019/08/23 2:15 p.m.21 views

Cross site request forgery (csrf)

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS4.7AI score0.00647EPSS
Exploits0References1Affected Software2
atlassian
atlassian
added 2019/08/09 3:51 a.m.76 views

The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS6.1AI score0.00647EPSS
Exploits0Affected Software1
atlassian
atlassian
added 2019/08/09 3:51 a.m.32 views

The AddResolution.jspa resource was vulnerable to CSRF - CVE-2019-11586

The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery CSRF vulnerability...

4.3CVSS6.1AI score0.00647EPSS
Exploits0
oraclelinux
oraclelinux
added 2019/07/30 12:0 a.m.55 views

python36:3.6 security update

python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...

9.8CVSS1.3AI score0.03525EPSS
Exploits3
veracode
veracode
added 2019/05/02 5:40 a.m.35 views

Sandbox Restrictions Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...

9.8CVSS4.6AI score0.9986EPSS
Exploits1References12Affected Software1
nessus
nessus
added 2019/04/05 12:0 a.m.19 views

Fedora 28 : firefox (2019-a51d6c2384)

Updated to latest upstream 66.0.2 - Fixed BlueJeans playback issues Bug 1691831 ---- - Wayland popup menu/ tooltip fixes mozbz1539471 ---- - New upstream version with Pwn2Own security fixes - Details at https://www.mozilla.org/en-US/firefox/66.0.1/releasenote s/ Note that Tenable Network Security...

5.4AI score
Exploits0References2
oraclelinux
oraclelinux
added 2018/07/23 12:0 a.m.179 views

java-1.8.0-openjdk security update

1:1.8.0.181-7.b13 - Update to aarch64-jdk8u181-b13. - Remove 8187577/PR3578 now applied upstream. - Resolves: rhbz1594249 1:1.8.0.181-3.b04 - Fix hook to show hserr.log files on failures. - Resolves: rhbz1594249 1:1.8.0.181-3.b04 - Fix requires/provides filters for internal libs. See RHBZ1590796 ...

4.3CVSS7.2AI score0.04184EPSS
Exploits0
kitploit
kitploit
added 2018/05/20 10:45 p.m.48 views

Dnsmorph - Domain Name Permutation Engine Written In Go

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs. DNSMORPH includes the following domain...

7.4AI score
Exploits0References4
oraclelinux
oraclelinux
added 2018/04/19 12:0 a.m.82 views

java-1.8.0-openjdk security update

1:1.8.0.171-7.b10 - Bump release number to be greater than RHEL 7.6 package to allow build with .el7 suffix - Resolves: rhbz1559766 1:1.8.0.171-4.b10 - Rebuilding due to bad nss-softokn brew-root build override - Resolves: rhbz1559766 1:1.8.0.171-3.b10 - Fix jconsole.desktop.in subcategory,...

8.3CVSS0.9AI score0.15141EPSS
Exploits0
Rows per page
Query Builder