167 matches found

Debian CVE
added 2018/11/18 7:0 p.m. · 87 views

CVE-2018-19358

GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...

7.8 CVSS · 6.8 AI score · 0.00554 EPSS
Exploits 1

Positive Technologies
added 2018/11/18 12:0 a.m. · 3 views

PT-2018-14941 · Gnome +2 · Gnome Keyring +2

Name of the Vulnerable Software and Affected Versions: GNOME Keyring versions prior to 3.28.2 Description: The issue allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked. This occurs because available D-Bus protection...

7.8 CVSS · 7.6 AI score · 0.00554 EPSS
Exploits 1 · References 17

IBM Security Bulletins
added 2018/06/18 12:0 a.m. · 22 views

Security Bulletin: IBM PowerVC is impacted by OpenStack Glance server-side request forgery (CVE-2017-7200)

Summary IBM PowerVC may disclose some sensitive information while creating images with 'copyfrom' feature in the v1 Image Service API. Vulnerability Details CVEID: CVE-2017-7200 DESCRIPTION: OpenStack Glance is vulnerable to server-side request forgery, caused by a flaw in the 'copyfrom' feature ...

5.8 CVSS · 0.6 AI score · 0.02034 EPSS
Exploits 0 · Affected Software 1

Prion
added 2018/04/18 2:29 p.m. · 20 views

Double free

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double fre...

10 CVSS · 8.1 AI score · 0.01252 EPSS
Exploits 0 · References 2

OSV
added 2017/10/19 5:29 p.m. · 4 views

CVE-2017-10037

Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware subcomponent: Web Service API. Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI...

7.5 CVSS · 7.3 AI score · 0.02603 EPSS
Exploits 0 · References 3

Prion
added 2017/10/19 5:29 p.m. · 25 views

Code injection

Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware subcomponent: Web Service API. Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI...

5 CVSS · 6.6 AI score · 0.02603 EPSS
Exploits 0 · References 3 · Affected Software 1

CVE
added 2017/10/19 5:0 p.m. · 68 views

CVE-2017-10037

CVE-2017-10037 is a vulnerability in Oracle Fusion Middleware’s Oracle BI Publisher (Web Service API subcomponent). Affected are BI Publisher versions 11.1.1.7.0 and 11.1.1.9.0. An unauthenticated attacker with network access via HTTP can compromise BI Publisher, potentially enabling unauthorized...

7.5 CVSS · 7.4 AI score · 0.02603 EPSS
Exploits 0 · References 3 · Affected Software 1

CNVD
added 2017/10/18 12:0 a.m. · 4 views

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2017-31688)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. Oracle BI Publisher formerly known as XML Publisher is one of the reporting component. An unspecified...

7.5 CVSS · 7.7 AI score · 0.02603 EPSS
Exploits 0 · References 1

NVD
added 2017/03/21 6:59 a.m. · 20 views

CVE-2017-7200

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...

5.8 CVSS · 5.6 AI score · 0.02034 EPSS
Exploits 0 · References 4

OSV
added 2017/03/21 6:59 a.m. · 9 views

CVE-2017-7200

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...

5.8 CVSS · 5.5 AI score
Exploits 0 · References 4

RedhatCVE
added 2017/03/21 5:47 a.m. · 29 views

CVE-2017-7200

The copyfrom feature in Image Service API v1 allows an attacker to perform masked network port scans. It is possible to create images with a URL such as 'http://localhost:22'. This could allow an attacker to enumerate internal network details while appearing masked, because the scan appears to...

6.5 CVSS · 2.5 AI score · 0.02034 EPSS
Exploits 0 · References 2

CNVD
added 2015/10/22 12:0 a.m. · 3 views

Unspecified Vulnerability in Oracle Java SE (CNVD-2015-06828)

Oracle Java SE is the standard version of the Java platform is a Java2 platform to provide users with a program development environment. Oracle Java SE 6u101,7u85 8u60,Java SE Embedded 8u51, An unspecified vulnerability exists. Allows remote attackers to affect confidentiality via vectors...

5 CVSS · 8.9 AI score · 0.04695 EPSS
Exploits 0 · References 1

CNVD
added 2015/08/21 12:0 a.m. · 4 views

Foreman Security Mechanism Bypass Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman versions prior to 1.7.5. A remote attacker could exploit this...

4 CVSS · 6.6 AI score · 0.01925 EPSS
Exploits 0 · References 1

securityvulns
added 2014/10/15 12:0 a.m. · 62 views

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting

Advisory: Endeca Latitude Cross-Site Scripting RedTeam Pentesting discovered a Cross-Site Scripting XSS vulnerability in Endeca Latitude. By exploiting this vulnerability an attacker is able to execute arbitrary JavaScript code in the context of other Endeca Latitude users. Details ======= Produc...

4.3 CVSS · 6.2 AI score · 0.02192 EPSS
Exploits 1

OpenVAS
added 2014/04/21 12:0 a.m. · 31 views

Fedora Update for openstack-keystone FEDORA-2014-4903

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2014-4903 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

5.8 CVSS · 6.3 AI score · 0.02239 EPSS
Exploits 4 · References 2

Metasploit
added 2013/12/13 11:7 p.m. · 34 views

Windows Manage Driver Loader

This module loads a KMD Kernel Mode Driver using the Windows Service API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SERVICEDEMANDSTART', 'boot' = 'SERVICEBOOTSTART', 'auto' =...

0.4 AI score
Exploits 0

OpenVAS
added 2013/11/08 12:0 a.m. · 35 views

Fedora Update for openstack-keystone FEDORA-2013-20373

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-20373 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

5 CVSS · 6.3 AI score · 0.03128 EPSS
Exploits 1 · References 2

OpenVAS
added 2013/08/12 12:0 a.m. · 32 views

Fedora Update for openstack-keystone FEDORA-2013-10713

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-10713 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.8 CVSS · 9.8 AI score · 0.04863 EPSS
Exploits 3 · References 2

OpenVAS
added 2013/02/22 12:0 a.m. · 24 views

Fedora Update for openstack-keystone FEDORA-2013-2168

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-2168 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

5 CVSS · 6.4 AI score · 0.03243 EPSS
Exploits 0 · References 2

RedHat Linux
added 2012/12/10 8:55 p.m. · 54 views

Moderate: Red Hat Security Advisory: openstack-keystone security, bug fix, and enhancement update

Updated openstack-keystone packages that fix two security issues, multiple bugs, and add enhancements are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

4 CVSS · 5.8 AI score · 0.0284 EPSS
Exploits 0 · References 4