16 matches found
RHCOS 2 : rubygems (RHSA-2014:0207)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0207 advisory. - rubygems: version regex algorithmic complexity vulnerability CVE-2013-4287 Note that Nessus has not tested for this issue but has instead...
RHCOS 1 : openshift-origin-broker-util (RHSA-2014:0461)
The remote Red Hat Enterprise Linux CoreOS 1 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:0461 advisory. - mcollective: world readable client config CVE-2014-0164 Note that Nessus has not tested for this issue but has instead relied only on the...
RHCOS 2 : rubygem-openshift-origin-node (RHSA-2014:0530)
The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:0530 advisory. - OpenShift: downloadable cartridge source url file command execution as root CVE-2014-0233 Note that Nessus has not tested for this issue bu...
MiracleLinux 4 : bash-4.1.2-15.AXS4.1 (AXSA:2014-549:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-549:01 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful...
MiracleLinux 3 : php-5.1.6-44.0.1.AXS3 (AXSA:2014-322:02)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-322:02 advisory. PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing database-enabled...
MiracleLinux 4 : libxml2-2.7.6-14.1.0.2.AXS4 (AXSA:2014-350:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-350:02 advisory. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes...
MiracleLinux 4 : squid-3.1.10-22.AXS4 (AXSA:2014-517:03)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-517:03 advisory. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional...
MiracleLinux 3 : xalan-j2-2.7.0-6jpp.2.0.1.AXS3 (AXSA:2014-250:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-250:01 advisory. Xalan is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements the W3C Recommendations for XSL...
MiracleLinux 4 : tomcat6-6.0.24-78.AXS4 (AXSA:2014-496:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-496:04 advisory. Description : Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages...
CVE-2014-125034
creationtimestamp| type| source ---|---|--- 2023-01-02 14:21:18+00:00| seen| https://t.me/cibsecurity/55735...
ar.com.jmfsg:api-doc (>=0.0.20 <=0.0.34), be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3) +1208 more potentially affected by CVE-2014-1904 via org.springframework:spring-webmvc (>=3.0.0.RELEASE <=3.2.7.RELEASE)
org.springframework:spring-webmvc MAVEN version =3.0.0.RELEASE, =0.0.20, =0.3.3, =0.1.0, =1.0.0, =0.2, =3.0.1, =1.0.0-RELEASE, =3.0.10, =3.0.10, =4.2.1, =4.2.1, =4.2.1, =4.2.15 and more Source cves: CVE-2014-1904 Source advisory: OSV:GHSA-FF7P-JQJM-V66H...
wireshark: CUPS dissector crash (wnpa-sec-2014-15)
The 1 getquotedstring and 2 getunquotedstring functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service buffer over-read and application crash via a CUPS packet that lacks a trailing '\0' character...
PYSEC-2014-34
uidcatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL...
nss: Race-condition in certificate verification can lead to Remote code execution (MFSA 2014-63)
A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application...
Fedora 19 : kernel-3.14.15-100.fc19 (2014-9142)
The 3.14.15 stable update contains a number of important fixes across the tree. The 3.14.14 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
JIRA Issues Collector Directory Traversal
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'JIRA Issues Collector Directory Traversal', 'Description' = %q This module exploits a directory traversal flaw in JIRA 6.0.3. The...