Lucene search
K

1890 matches found

exploitpack
exploitpack
added 2014/06/01 12:0 a.m.15 views

Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)

Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow ROP !/usr/bin/python Exploit Title: Easy File Management Web Server v5.3 - USERID Remote Buffer Overflow ROP Version: 5.3 Date: 2014-05-31 Author: Julien Ahrens @MrTuxracer Homepage: http://www.rcesecurity.com Software Link:...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/04/02 12:0 a.m.47 views

Linux Kernel vhost-net分段内存泄露漏洞

CVE ID:CVE-2014-0131 Linux Kernel是一款开源的操作系统。 Linux Kernel vhost-net skbs分段在实现上存在安全漏洞,这可被恶意利用泄露某些内存内容。要成功利用此漏洞需要启用zerocopy。 0 Linux kernel 2.6.x 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://marc.info/?l=linux-netdev&m=139446896921968&w=2...

2.9CVSS7.6AI score0.00675EPSS
Exploits2
seebug.org
seebug.org
added 2014/02/24 12:0 a.m.22 views

Code Aurora多个产品'CONFIG_STRICT_MEMORY_RWX'安全限制绕过漏洞

BUGTRAQ ID: 65630 CVECAN ID: CVE-2013-4737 Code Aurora Forum是Linux基金会协同项目。 Code Aurora多个项目的CONFIGSTRICTMEMORYRWX功能没有正确考虑某些内存区段,在实现中存在安全漏洞,这可使远程攻击者通过固定位置的RWX内存,利用此漏洞绕过目标访问限制。 0 Code Aurora QRD Android Code Aurora Firefox OS for MSM Code Aurora Android for MSM 厂商补丁: Code Aurora -----------...

9.3CVSS2.4AI score0.01426EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2013/12/09 11:22 p.m.7 views

libjpeg: information leak (read of uninitialized memory)

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

5CVSS6.8AI score0.10117EPSS
Exploits0References4
NVD
NVD
added 2013/12/07 9:55 p.m.23 views

CVE-2013-0852

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS6.6AI score0.02108EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/10/22 5:17 p.m.2 views

xen: information leak through outs instruction emulation (XSA-67)

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information hypervisor stack content via unspecified vectors related to stale...

1.9CVSS7.1AI score0.00367EPSS
Exploits0References5
OSV
OSV
added 2013/10/17 11:55 p.m.2 views

DEBIAN-CVE-2013-4368

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information hypervisor stack content via unspecified vectors related to stale...

1.9CVSS7AI score0.00367EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/10/17 11:55 p.m.35 views

CVE-2013-4368

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information hypervisor stack content via unspecified vectors related to stale...

1.9CVSS7.1AI score0.00367EPSS
Exploits0References3
Prion
Prion
added 2013/10/17 11:55 p.m.31 views

Design/Logic Flaw

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information hypervisor stack content via unspecified vectors related to stale...

1.9CVSS6.2AI score0.00367EPSS
Exploits0References9Affected Software1
Xen Project
Xen Project
added 2013/10/10 12:0 p.m.60 views

Information leak through outs instruction emulation

ISSUE DESCRIPTION The emulation of the outs instruction for 64-bit PV guests uses an uninitialized variable as the segment base for the source data if an FS: or GS: segment override is used, and if the segment descriptor the respective non-null selector in the corresponding selector register poin...

1.9CVSS0.8AI score0.00367EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2013/08/21 12:0 a.m.112 views

kernel security and bug fix update

kernel 2.6.18-348.16.1 - x8664 Fix kdump failure due to 'x8664: Early segment setup' Paolo Bonzini 988251 987244 - xen skip tracing if it was disabled instead of dying Igor Mammedov 987976 967053 - ia64 fix KABI breakage on ia64 Prarit Bhargava 966878 960783 - x86 fpu: fix CONFIGPREEMPT=y...

6.9CVSS7.3AI score0.04707EPSS
Exploits5
Amazon
Amazon
added 2013/07/12 12:0 a.m.61 views

Important: java-1.6.0-openjdk

Issue Overview: Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470,...

10CVSS9.7AI score0.98704EPSS
Exploits23References1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.50 views

Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2013-0958)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0958 advisory. 1.7.0.25-2.3.10.4.0.1.el59 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.25-2.3.10.4.el5 - updated to newer IcedTea7-fores...

10CVSS7.9AI score0.98704EPSS
Exploits32References30
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.272 views

Oracle Linux 5 : kernel (ELSA-2010-0661)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0661 advisory. - mm accept an abutting stack segment Jiri Pirko 607857 607858 CVE-2010-2240 - mm pass correct mm when growing stack Jiri Pirko 607857 607858 CVE-2010-2240 - mm...

7.2CVSS6.4AI score0.00716EPSS
Exploits1References2
Cent OS
Cent OS
added 2013/07/04 10:7 a.m.82 views

java security update

CentOS Errata and Security Advisory CESA-2013:1014 Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

10CVSS7.4AI score0.98704EPSS
Exploits23References7
RedHat Linux
RedHat Linux
added 2013/07/03 5:4 p.m.66 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

10CVSS7.4AI score0.98704EPSS
Exploits23References26
Cent OS
Cent OS
added 2013/06/20 6:43 a.m.84 views

java security update

CentOS Errata and Security Advisory CESA-2013:0957 Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...

10CVSS7.4AI score0.98704EPSS
Exploits32References7
Tenable Nessus
Tenable Nessus
added 2013/06/20 12:0 a.m.39 views

RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0957)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0957 advisory. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in...

10CVSS8.4AI score0.98704EPSS
Exploits32References63
OSV
OSV
added 2013/03/01 12:37 p.m.1 views

DEBIAN-CVE-2013-0228

The xeniret function in arch/x86/xen/xen-asm32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirtops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application...

6.2CVSS6.5AI score0.00394EPSS
Exploits1References1
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.75 views

TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager Segment Advisor Arbitrary URL redirection/phishing vulnerability February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4; 10.2.0.5,...

4.3CVSS1AI score0.01228EPSS
Exploits0
Rows per page
Query Builder