Lucene search

938 matches found

UbuntuCve
added 2018/02/19 5:29 p.m. · 17 views

CVE-2018-7226

An issue was discovered in vcSetXCutTextProc in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC...

9.8 CVSS · 7.2 AI score · 0.02323 EPSS
Exploits 0 · References 3
Openbugbounty
added 2018/02/12 6:32 p.m. · 10 views

ipage.com XSS vulnerability

Open Bug Bounty ID: OBB-558108

Description | Value
---|---
Affected Website: | ipage.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

6.4 AI score
Exploits 0
Prion
added 2018/02/09 10:29 p.m. · 16 views

Security feature bypass

The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namespaced environment...

6.9 CVSS · 6.9 AI score · 0.03081 EPSS
Exploits 13 · References 10 · Affected Software 1
Positive Technologies
added 2018/01/29 12:0 a.m. · 4 views

PT-2018-8395 · Canonical +2 · Cpio

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific issue. It appears to be related to the management of vulnerability identifiers, indicating that a particula...

4.6 AI score
Exploits 3 · References 6
Fedora
added 2017/11/20 5:59 p.m. · 63 views

[SECURITY] Fedora 25 Update: backintime-1.1.24-1.fc25

Back In Time is a simple backup system for Linux inspired from "flyback project" and "TimeVault". The backup is done by taking snapshots of a specified set of directories...

9.3 CVSS · 2.6 AI score · 0.01462 EPSS
Exploits 0
Prion
added 2017/10/05 1:29 a.m. · 22 views

Default credentials

Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenki...

2.6 CVSS · 7.5 AI score · 0.00769 EPSS
Exploits 0 · References 2 · Affected Software 1
Prion
added 2017/06/30 8:29 p.m. · 17 views

Path traversal

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

4.3 CVSS · 6.5 AI score · 0.01494 EPSS
Exploits 0 · References 3 · Affected Software 1
Prion
added 2017/06/26 3:29 p.m. · 17 views

Design/Logic Flaw

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt//maps, (2) /tmp/jvm-/hserror.log, (3) /proc//exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory relate...

7.2 CVSS · 6.7 AI score · 0.04815 EPSS
Exploits 4 · References 11
RedHat Linux
added 2017/06/20 8:20 p.m. · 10 views

SAT 5 XSS in the Failed Systems page

A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Satellite 5. A user able to specify a failed action could exploit this flaw to perform XSS attacks against other Satellite users...

5.4 CVSS · 5.6 AI score · 0.00641 EPSS
Exploits 0 · References 4
Positive Technologies
added 2017/03/03 12:0 a.m. · 1 views

PT-2018-5107 · Xmlsoft +1 · Libxml2 +1

Name of the Vulnerable Software and Affected Versions: libxml2 (affected versions not specified). Description: The issue allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. This problem exists due to an incorrect fix for a previous issue...

10 CVSS · 7 AI score · 0.08628 EPSS
Exploits 11 · References 57
0day.today
added 2017/01/19 12:0 a.m. · 22 views

Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes)

Linux/x86_64 - Bind 5600 TCP Port - shellcode - 87 bytes. Ajith Kp http://fb.com/ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa...

Exploits 0
OSV
added 2016/10/13 7:59 p.m. · 2 views

CVE-2016-6968

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...

9.8 CVSS · 6.1 AI score
Exploits 0 · References 3
Positive Technologies
added 2016/10/12 12:0 a.m. · 2 views

PT-2016-2986 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue is caused by a buffer overflow in memory, allowing a remote attacker to potentially execute arbitrary code or cause a denial of service (memory corruption)...

10 CVSS · 9.3 AI score · 0.19899 EPSS
Exploits 4 · References 70
Positive Technologies
added 2016/09/14 12:0 a.m. · 6 views

PT-2016-7170 · Alt Linux +2 · Alt Linux +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided input. Description: The issue is related to a security problem, but details are not provided in the input. Recommendations: At the moment, there is no information about a newer...

9.3 CVSS · 7.8 AI score · 0.19443 EPSS
Exploits 2 · References 150
Positive Technologies
added 2016/08/25 12:0 a.m. · 4 views

PT-2016-3550 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick (affected versions not specified). Description: The issue allows remote attackers to cause a denial of service via a crafted DDS file, specifically affecting the coders/dds.c component in ImageMagick. Recommendations: At the moment,...

9.8 CVSS · 7 AI score · 0.13393 EPSS
Exploits 15 · References 408
Positive Technologies
added 2016/07/12 12:0 a.m. · 1 views

PT-2016-2427 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker to execute arbitrary code. Recommendations: At the moment, there is...

9.3 CVSS · 7.6 AI score · 0.36456 EPSS
Exploits 26 · References 299
Positive Technologies
added 2016/07/12 12:0 a.m. · 1 views

PT-2016-2349 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption). Recommendations: At the moment,...

10 CVSS · 8.2 AI score · 0.36456 EPSS
Exploits 28 · References 380
Positive Technologies
added 2016/07/12 12:0 a.m. · 2 views

PT-2016-2359 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption). Recommendations: At the moment,...

10 CVSS · 8.1 AI score · 0.36456 EPSS
Exploits 26 · References 309
Positive Technologies
added 2016/05/13 12:0 a.m. · 2 views

PT-2016-5851 · Adobe +1 · Flash Player +1

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue allows attackers to execute arbitrary code or cause a denial of service (memory corruption error). Recommendations: At the moment, there is no information about a newer...

10 CVSS · 8.7 AI score · 0.94354 EPSS
Exploits 14 · References 71
Positive Technologies
added 2016/04/08 12:0 a.m. · 2 views

PT-2016-1669 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player (affected versions not specified). Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption). Recommendations: At the moment,...

10 CVSS · 8.5 AI score · 0.94354 EPSS
Exploits 19 · References 184