Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.20 views

Oracle Solaris Third-Party Patch Update : gtk (cve_2012_2370_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the readbitmapfiledata function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service application crash via a negative 1 height or 2 width in ...

5CVSS6.5AI score0.04096EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : pidgin (cve_2012_3374_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. CVE-2012-3374 %NASLMINLEVE...

7.5CVSS6.1AI score0.06402EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.35 views

Oracle Solaris Third-Party Patch Update : samba (cve_2012_6150_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote...

8.3CVSS8.1AI score0.0379EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.32 views

Oracle Solaris Third-Party Patch Update : sudo (cve_2012_2337_restriction_bypass)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunist...

7.2CVSS7.5AI score0.00399EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.25 views

Oracle Solaris Third-Party Patch Update : sendmail (cve_2014_3956_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended...

1.9CVSS5.4AI score0.0063EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.37 views

Oracle Solaris Third-Party Patch Update : xdg-utils (cve_2008_0386_improper_input)

The remote Solaris system is missing necessary patches to address security updates : - Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email. CVE-2008-0386 %NASLMINLEVEL 70300 C Tenab...

6.8CVSS8.3AI score0.03171EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : squid (cve_2011_3205_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial o...

6.8CVSS8.2AI score0.27454EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.34 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark11)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory...

5CVSS7.3AI score0.03409EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : bind (cve_2012_1667_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows...

8.5CVSS6.7AI score0.13405EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.64 views

Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)

The remote Solaris system is missing necessary patches to address security updates : - The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which...

4.3CVSS7AI score0.35584EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.34 views

Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The bsdglob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service crash via a glob expression with the GLOBALTDIRFUNC flag, which triggers an...

4.3CVSS8.2AI score0.01397EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.307 views

Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)

The remote Solaris system is missing necessary patches to address security updates : - The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive...

6.8CVSS8.8AI score0.02455EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.32 views

Oracle Solaris Third-Party Patch Update : icu (cve_2013_0900_race_conditions)

The remote Solaris system is missing necessary patches to address security updates : - Race condition in the International Components for Unicode ICU functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a...

6.8CVSS8.3AI score0.01339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark10)

The remote Solaris system is missing necessary patches to address security updates : - The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote...

4.3CVSS7.2AI score0.02964EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.55 views

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird4)

The remote Solaris system is missing necessary patches to address security updates : - CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web...

9.3CVSS8.4AI score0.0663EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.15 views

Oracle Solaris Third-Party Patch Update : librsvg (cve_2011_3146_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and possibly execute arbitrary code via a SV...

6.8CVSS8.7AI score0.04418EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.46 views

Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service...

7.5CVSS8.4AI score0.61604EPSS
Exploits14References7
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.28 views

Oracle Solaris Third-Party Patch Update : facter (cve_2014_3248_untrusted_search)

The remote Solaris system is missing necessary patches to address security updates : - Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when...

6.2CVSS6.8AI score0.00537EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.19 views

Oracle Solaris Third-Party Patch Update : jinja2 (multiple_vulnerabilities_in_jinja2)

The remote Solaris system is missing necessary patches to address security updates : - FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this...

4.4CVSS8.1AI score0.0043EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.12 views

Oracle Solaris Third-Party Patch Update : libotr (cve_2012_3461_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The 1 otrlbase64otrdecode function in src/b64.c; 2 otrlprotodatareadflags and 3 otrlprotoacceptdata functions in src/ proto.c; and 4 decode function in toolkit/parse.c in libotr before 3.2.1 allocates a...

4.3CVSS5.8AI score0.03441EPSS
Exploits0References3
Rows per page
Query Builder