Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.36 views

Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a...

5CVSS5.5AI score0.11572EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.29 views

Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

5.8CVSS6.7AI score0.73327EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.32 views

Oracle Solaris Third-Party Patch Update : sudo (cve_2012_2337_restriction_bypass)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunist...

7.2CVSS7.5AI score0.00399EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.20 views

Oracle Solaris Third-Party Patch Update : tomcat (cve_2013_0346_permissions_privileges)

The remote Solaris system is missing necessary patches to address security updates : - DISPUTED Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has...

2.1CVSS5.5AI score0.00678EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2012_5134_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a...

6.8CVSS8.7AI score0.04382EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.31 views

Oracle Solaris Third-Party Patch Update : hplip (cve_2013_0200_link_following)

The remote Solaris system is missing necessary patches to address security updates : - HP Linux Imaging and Printing HPLIP through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/hpcupsfilterc .bmp, 2 /tmp/hpcupsfilterk.bmp, 3 /tmp/hpcupsjob.out, 4...

1.9CVSS7.7AI score0.00444EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : pidgin (cve_2012_3374_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. CVE-2012-3374 %NASLMINLEVE...

7.5CVSS6.1AI score0.06402EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.50 views

Oracle Solaris Third-Party Patch Update : sudo (multiple_permissions_privileges_and_access)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting th...

6.9CVSS8AI score0.03202EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.28 views

Oracle Solaris Third-Party Patch Update : xorg (multiple_vulnerabilities_in_x_org2)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a...

7.5CVSS9.1AI score0.04362EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.307 views

Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)

The remote Solaris system is missing necessary patches to address security updates : - The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive...

6.8CVSS8.8AI score0.02455EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : openssl (cve_2012_2333_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer...

6.8CVSS8.2AI score0.28154EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : squid (cve_2011_3205_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial o...

6.8CVSS8.2AI score0.27454EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.34 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark11)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory...

5CVSS7.3AI score0.03409EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.24 views

Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_2141_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via ...

5CVSS7.3AI score0.04619EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.64 views

Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)

The remote Solaris system is missing necessary patches to address security updates : - The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which...

4.3CVSS7AI score0.35584EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.19 views

Oracle Solaris Third-Party Patch Update : jinja2 (multiple_vulnerabilities_in_jinja2)

The remote Solaris system is missing necessary patches to address security updates : - FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this...

4.4CVSS8.1AI score0.0043EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.29 views

Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many...

2.1CVSS7.4AI score0.00554EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : squid (multiple_vulnerabilities_in_squid)

The remote Solaris system is missing necessary patches to address security updates : - Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service memory consumption...

5CVSS7.7AI score0.23026EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.34 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark6)

The remote Solaris system is missing necessary patches to address security updates : - The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet. CVE-2013-492...

7.8CVSS6.3AI score0.03738EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.23 views

Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)

The remote Solaris system is missing necessary patches to address security updates : - The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authenticati...

7.8CVSS5.5AI score0.03155EPSS
Exploits1References3
Rows per page
Query Builder