Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.52 views

Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl6) (POODLE)

The remote Solaris system is missing necessary patches to address security updates : - Memory leak in d1srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted handshake message. CVE-2014-3513 - The SSL...

7.1CVSS6.4AI score0.99999EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.38 views

Oracle Solaris Third-Party Patch Update : rubygems (multiple_cryptographic_issues_vulnerabilities_in1)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in Gem::Version::VERSIONPATTERN in lib/ rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby...

4.3CVSS8AI score0.03343EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.31 views

Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of servic...

5CVSS7.1AI score0.12608EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : pidgin (cve_2012_3374_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. CVE-2012-3374 %NASLMINLEVE...

7.5CVSS6.1AI score0.06402EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.36 views

Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a...

5CVSS5.5AI score0.11572EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.20 views

Oracle Solaris Third-Party Patch Update : tomcat (cve_2013_0346_permissions_privileges)

The remote Solaris system is missing necessary patches to address security updates : - DISPUTED Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has...

2.1CVSS5.5AI score0.00678EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.187 views

Oracle Solaris Third-Party Patch Update : openssl (cve_2014_0224_cryptographic_issues1)

The remote Solaris system is missing necessary patches to address security updates : - OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.31 views

Oracle Solaris Third-Party Patch Update : libxslt (cve_2012_2807_numeric_errors)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified...

6.8CVSS8.2AI score0.01583EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.32 views

Oracle Solaris Third-Party Patch Update : sudo (cve_2012_2337_restriction_bypass)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunist...

7.2CVSS7.5AI score0.00399EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.29 views

Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

5.8CVSS6.7AI score0.73327EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2012_5134_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a...

6.8CVSS8.7AI score0.04382EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.35 views

Oracle Solaris Third-Party Patch Update : samba (cve_2012_6150_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote...

8.3CVSS8.1AI score0.0379EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.50 views

Oracle Solaris Third-Party Patch Update : sudo (multiple_permissions_privileges_and_access)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting th...

6.9CVSS8AI score0.03202EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : squid (cve_2011_3205_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial o...

6.8CVSS8.2AI score0.27454EPSS
Exploits1References3
securityvulns
securityvulns
added 2012/09/04 12:0 a.m.52 views

Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center

Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 3, 2012 Vulnerability Type= Directory Traversal Impact= - System Access - Exposure of...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2012/09/03 12:0 a.m.20 views

Sitecom Home Storage Center - Directory Traversal

Sitecom Home Storage Center - Directory Traversal Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 3, 2012 Vulnerability Type= Directory...

Exploits0
0day.today
0day.today
added 2012/09/03 12:0 a.m.19 views

Sitecom Home Storage Center Directory Traversal

Exploit for hardware platform in category web applications Directory Traversal Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 3, 2012 Vulnerability Type= Directory Traversal Impact= -...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2012/08/27 1:21 p.m.8 views

New Java Zero Day Being Used in Targeted Attacks

There is a newly discovered zero day vulnerability in Java 7 that is being used in some targeted attacks right now. The vulnerability works against Internet Explorer and Firefox and researchers say that attackers are exploiting in the wild and installing a version of the Poison Ivy RAT on...

6.8AI score
Exploits0References4
securityvulns
securityvulns
added 2010/08/09 12:0 a.m.79 views

[security bulletin] HPSBGN02501 SSRT071407 rev.1 - HP ProCurve 1800 Switches running SNMP, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02436028 Version: 1 HPSBGN02501 SSRT071407 rev.1 - HP ProCurve 1800 Switches running SNMP, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon ...

6.1CVSS0.2AI score0.00981EPSS
Exploits0
seebug.org
seebug.org
added 2010/04/09 12:0 a.m.37 views

Linux kernel 2.6.x cifs_create()函数空指针引用漏洞

BUGTRAQ ID: 39186 CVE ID: CVE-2010-1148 Linux Kernel是开放源码操作系统Linux所使用的内核 Linux Kernel的fs/cifs/dir.c文件中的cifscreate函数存在空指针引用错误。在支持unix扩展(如Samba)的服务器上创建文件时,如果所创建的文件没有提供nameidata(nd为空),cifs客户端在调用cifsposixopen时就会崩溃 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

4.7CVSS7.3AI score0.00538EPSS
Exploits2
Rows per page
Query Builder