7923 matches found

RedHat Linux
added 2018/01/05 3:46 p.m. · 60 views

(RHSA-2018:0051) Important: rhevm-setup-plugins security, bug fix, and enhancement update

The rhevm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase...

5.6 CVSS · 6.1 AI score · 0.74041 EPSS
Exploits 8
Kitploit
added 2017/12/27 9:12 p.m. · 22 views

Relayer - SMB Relay Attack Script

Relayer is an SMB relay Attack Script that automates all the necessary steps to scan for systems with SMB signing disabled and relaying authentication request to these systems with the objective of gaining a shell. Great when performing Penetration testing. Relayer makes use of Unicorn from...

7.3 AI score
Exploits 0 · References 2
Citrix
added 2017/12/18 12:0 a.m. · 6 views

XenDesktop Setup Wizard completes without error, but no VM has been created in Hyper-V SCVMM

XenDesktop Setup Wizard completes without error, but no VM has been created in Hyper-V SCVMM. There are no particular error messages from the CDF trace either...

7.1 AI score
Exploits 0
FreeBSD
added 2017/12/14 12:0 a.m. · 15 views

jenkins -- Two startup race conditions

The Jenkins project reports: A race condition during Jenkins startup could result in the wrong order of execution of commands during initialization. On Jenkins 2.81 and newer, including LTS 2.89.1, this could in rare cases (we estimate less than 20% of new instances) result in failure to initialize...

2.1 AI score
Exploits 0 · References 1
Citrix
added 2017/12/13 12:0 a.m. · 6 views

How to configure Monitor to check service status of RADIUS servers?

Configure Monitor for RADIUS server...

7.2 AI score
Exploits 0
OSV
added 2017/12/12 2:29 p.m. · 4 views

CVE-2017-16690

A malicious DLL preload attack is possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in a...

7.8 CVSS · 5.8 AI score · 0.01057 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2017/12/11 12:0 a.m. · 48 views

Oracle Linux 7 : postgresql (ELSA-2017-3402)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3402 advisory. 9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172 Tenable has extracted the preceding...

7.2 CVSS · 7 AI score · 0.00586 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2017/12/11 12:0 a.m. · 44 views

Fedora 26 : 2:docker (2017-3976710f1e)

Resolves: 1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-container...

6.5 CVSS · 6.8 AI score · 0.0247 EPSS
Exploits 0 · References 3
Kitploit
added 2017/12/02 9:1 p.m. · 65 views

difuze - Fuzzer for Linux Kernel Drivers

Fuzzer for Linux Kernel Drivers Tested on Ubuntu = 14.04.5 LTS As explained in our paper, There are two main components of difuze: Interface Recovery and Fuzzing Engine 1. Interface Recovery The Interface recovery mechanism is based on LLVM analysis passes. Every step of interface recovery are...

6.6 AI score
Exploits 0 · References 9
Positive Technologies
added 2017/12/02 12:0 a.m. · 2 views

PT-2017-3822 · Libtiff +5

Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.0.9 Description: The issue is related to a heap-based buffer overflow in the TIFFSetupStrips function of the LibTIFF library. This can be exploited by a remote attacker using a specially crafted TIFF file, potentially leadin...

9.8 CVSS · 8.1 AI score · 0.25183 EPSS
Exploits 19 · References 151
CNVD
added 2017/11/24 12:0 a.m. · 4 views

Command Execution Vulnerability in the Pelco Sarix Enhanced Dot1xSetupController.php File

Pelco Sarix Enhanced is a webcam. A command execution vulnerability exists in the Pelco Sarix Enhanced Dot1xSetupController.php file. The vulnerability is caused by the program failing to properly perform validity checks when processing user-submitted data, allowing an attacker who has been...

7.8 AI score
Exploits 0
CNVD
added 2017/11/24 12:0 a.m. · 3 views

Arbitrary File Deletion Vulnerability in the Pelco Sarix Enhanced GeneralSetupController.php File

Pelco Sarix Enhanced is a webcam. An arbitrary file deletion vulnerability exists in the Pelco Sarix Enhanced GeneralSetupController.php file. The vulnerability is due to the program failing to properly check for uploaded files when processing them; an attacker can delete arbitrary files in the...

6.9 AI score
Exploits 0
RedhatCVE
added 2017/11/21 10:19 a.m. · 30 views

CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...

7.8 CVSS · 8 AI score · 0.02357 EPSS
Exploits 0 · References 1
Debian CVE
added 2017/11/14 5:0 p.m. · 25 views

CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter...

6.5 CVSS · 6.7 AI score · 0.0141 EPSS
Exploits 0
BDU FSTEC
added 2017/11/14 12:0 a.m. · 6 views

The vulnerability of the Exchange ActiveSync component of the iOS operating system allows a hacker to delete data from the device.

The vulnerability of the Exchange ActiveSync component of the iOS operating system is related to improper handling of permissions during account setup. Exploiting this vulnerability allows a malicious actor to delete data from the device during account setup, by capturing the open AutoDiscover V1...

7.1 CVSS · 6.5 AI score · 0.01876 EPSS
Exploits 0 · References 4 · Affected Software 1
BDU FSTEC
added 2017/11/10 12:0 a.m. · 4 views

The vulnerability of the lp_setup() function in the Secure Boot environment loader of the Linux operating system allows a hacker to cause a system failure.

The vulnerability of the lp_setup function, a loader for the Secure Boot mechanism in the Linux kernel, arises from writing beyond buffer boundaries. The Linux driver/char/lp.c code does not perform boundary checking on the parport_nr array. Exploiting this vulnerability could allow an attacker to caus...

7.8 CVSS · 6.7 AI score · 0.00639 EPSS
Exploits 2 · References 44 · Affected Software 1
Kitploit
added 2017/11/06 9:30 p.m. · 41 views

CrunchRAT - HTTPS-based Remote Administration Tool (RAT)

CrunchRAT currently supports the following features: File upload, File download, Command execution. It is currently single-threaded (only one task at a time), but multi-threading or multi-tasking is currently in the works. Additional features will be included at a later date. Server The server-side of...

7.5 AI score
Exploits 0 · References 1
CNVD
added 2017/11/03 12:0 a.m. · 2 views

Flets Easy Setup Tool Installer Untrusted Search Path Vulnerability

Flets Easy Setup Tool is a Flets easy setup tool from NIPPON TELEGRAPH AND TELEPHONE WEST, Japan. Installer is one of the installation programs. An untrusted search path vulnerability exists in the Installer in Flets Easy Setup Tool 1.2.0 and earlier versions. An attacker can exploit this...

7.8 CVSS · 7.8 AI score · 0.00911 EPSS
Exploits 0 · References 1
UbuntuCve
added 2017/11/03 12:0 a.m. · 32 views

CVE-2017-16525

The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup...

7.2 CVSS · 6.7 AI score · 0.00393 EPSS
Exploits 0 · References 10
NVD
added 2017/11/02 3:29 p.m. · 10 views

CVE-2017-10825

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8 CVSS · 7.7 AI score · 0.00911 EPSS
Exploits 0 · References 2