Lucene search
K

8440 matches found

Tenable Nessus
Tenable Nessus
added 2020/02/19 12:0 a.m.66 views

RHEL 7 : sudo (RHSA-2020:0540)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0540 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

7.8CVSS7.9AI score0.19426EPSS
Exploits13References4
Tenable Nessus
Tenable Nessus
added 2020/02/19 12:0 a.m.53 views

Scientific Linux Security Update : sudo on SL7.x x86_64 (20200218)

Security Fixes : - sudo: Stack based buffer overflow when pwfeedback is enabled CVE-2019-18634 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid133789; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate",...

7.8CVSS7.6AI score0.19426EPSS
Exploits13References2
Prion
Prion
added 2020/02/17 9:15 p.m.28 views

Stack overflow

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different...

6.8CVSS9AI score0.11055EPSS
Exploits5References7Affected Software4
Core Security
Core Security
added 2020/02/17 12:0 a.m.117 views

: Viper RGB Driver Multiple Vulnerabilities

1. Advisory Information Title : Viper RGB Driver Multiple Vulnerabilities Advisory ID : CORE-2020-0001 Advisory URL : https://www.coresecurity.com/core-labs/advisories/viper-rgb-driver-multiple-vulnerabilities Date published : 2020-02-17 Date of last update : 2020-02-14 Vendors contacted : Patrio...

7.8CVSS8.4AI score0.00507EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/02/14 12:0 a.m.31 views

RHEL 8 : sudo (RHSA-2020:0487)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0487 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

7.8CVSS7.9AI score0.19426EPSS
Exploits13References4
CVE
CVE
added 2020/02/13 4:17 a.m.109 views

CVE-2020-8962

CVE-2020-8962 describes a stack-based buffer overflow in the D-Link DIR-842 REVC, caused by the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint (firmware v3.13B09 HOTFIX). The provided documents do not explicitly detail the impact beyond the overflow descriptio...

9.8CVSS9.6AI score0.01797EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/02/13 4:17 a.m.15 views

CVE-2020-8962

A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint...

9.7AI score0.01797EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2020/02/12 12:0 a.m.31 views

Adobe FrameMaker TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS5.8AI score0.04528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/02/11 12:0 a.m.38 views

Apple macOS IO80211Family Stack-based Buffer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.1CVSS3.9AI score0.00345EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/02/11 12:0 a.m.30 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ‘Windows Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at March 17, 2020 8:31pm UTC reported: Analysis performed using ipnathlp.dll from Windows Server 2019 x64 sha256:...

9CVSS8.8AI score0.13253EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/02/11 12:0 a.m.54 views

HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities

The HPE Intelligent Management Center iMC dbman process running on the remote host is affected by multiple vulnerabilities : - A command injection vulnerability exists due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this, via a series of specially...

10CVSS9.1AI score0.04359EPSS
Exploits0References3
OSV
OSV
added 2020/02/09 7:13 p.m.8 views

MGASA-2020-0081 Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

7.8CVSS7.8AI score0.19426EPSS
Exploits13References5
Prion
Prion
added 2020/02/05 7:15 p.m.18 views

Stack overflow

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...

10CVSS7.6AI score0.04173EPSS
Exploits0References2Affected Software21
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/04 4:40 p.m.28 views

Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

9.8CVSS2AI score0.1425EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/02/03 12:0 a.m.50 views

FreeBSD : sudo -- Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317)

Todd C. Miller reports : Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key...

7.8CVSS7.6AI score0.19426EPSS
Exploits13References3
Talos
Talos
added 2020/02/03 12:0 a.m.25 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate...

7.5CVSS7.7AI score0.02197EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2020/01/31 10:15 p.m.20 views

CVE-2014-8322

Stack-based buffer overflow in the tcptest function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value...

9.8CVSS7.4AI score0.23925EPSS
Exploits3References3
NVD
NVD
added 2020/01/31 6:15 p.m.14 views

CVE-2013-3488

Stack-based buffer overflow in Media Player Classic - Home Cinema MPC-HC before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream M2TS file...

7.8CVSS8AI score0.02514EPSS
Exploits0References2
CVE
CVE
added 2020/01/31 5:46 p.m.103 views

CVE-2013-3488

CVE-2013-3488 affects Media Player Classic - Home Cinema (MPC-HC) prior to 1.7.0.7858. The vulnerability is a stack-based buffer overflow in processing MPEG-2 Transport Stream (M2TS) files, enabling remote attackers to potentially execute arbitrary code. The public documents specify the affected ...

7.8CVSS8AI score0.02514EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/01/29 6:15 p.m.27 views

Stack overflow

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...

4.6CVSS7.7AI score0.19426EPSS
Exploits13References26Affected Software2
Rows per page
Query Builder