Lucene search
K

529 matches found

Tenable Nessus
Tenable Nessus
added 2016/02/24 12:0 a.m.78 views

F5 Networks BIG-IP : NTP vulnerability (K10600056)

It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. CVE-2015-5300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP...

7.5CVSS7.3AI score0.0913EPSS
Exploits0References2
CheckPoint Security
CheckPoint Security
added 2016/02/02 7:14 a.m.29 views

Check Point response to NTP "panic threshold" Bypass Vulnerability (CVE-2015-5300)

...

5CVSS1.3AI score0.0913EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.44 views

Oracle Linux 7 : ntp (ELSA-2015-2231)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2231 advisory. - check origin timestamp before accepting KoD RATE packet CVE-2015-7704 - allow only one step larger than panic threshold with -g CVE-2015-5300 -...

7.5CVSS6.6AI score0.1095EPSS
Exploits0References6
Debian
Debian
added 2015/11/01 10:20 p.m.52 views

[SECURITY] [DSA 3388-1] ntp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3388-1 [email protected] https://www.debian.org/security/ Kurt Roeckx November 01, 2015 https://www.debian.org/security/faq -...

9.8CVSS8.9AI score0.81762EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2015/10/28 12:0 a.m.263 views

Ubuntu 14.04 LTS : NTP vulnerabilities (USN-2783-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2783-1 advisory. Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker...

9.8CVSS7.2AI score0.81762EPSS
Exploits6References18
RedHat Linux
RedHat Linux
added 2015/10/26 9:22 p.m.5 views

ntp: MITM attacker can force ntpd to make a step larger than the panic threshold

It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that clien...

7.5CVSS7.2AI score0.0913EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/10/26 9:22 p.m.63 views

Important: Red Hat Security Advisory: ntp security update

Updated ntp packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...

7.5CVSS6.8AI score0.1095EPSS
Exploits0References3
CNVD
CNVD
added 2015/10/22 12:0 a.m.1 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2015-06840)

Oracle MySQL Server is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost, good reliability and so on. An explicit vulnerability exists in Oracle MySQL Server versions prior to 5.6.25. Allows an authenticated remot...

4CVSS7.7AI score0.02564EPSS
Exploits0References1
myhack58
myhack58
added 2015/06/29 12:0 a.m.19 views

A large number of Cisco security devices was traced to the presence of a default SSH key-vulnerability warning-the black bar safety net

! Cisco revealed that a large number of Cisco security devices was traced to the presence of a default SSH key, an attacker can use this vulnerability to control the device. The scope of the impact Cisco's security experts found that a lot of Cisco security devices in the presence of a default SS...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2014/09/12 9:40 p.m.10 views

Windows 9 Start Menu Demo Video Leaked Online

After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9, aka "Threshold," features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture, posted 20 screenshots on...

6.4AI score
Exploits0
Hacker One
Hacker One
added 2014/05/12 12:22 p.m.36 views

Cloudflare: Password reset threshold not set

Your web application https://www.cloudflare.com does not have a password reset threshold set. this means that your client and users account can be flooded with password reset emails which can result in spam to the mailer's inbox. You should implement a threshold to prevent this attack...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2014/04/10 7:13 a.m.16 views

Ensnare Web Application Attack Detection Utility Released

BOSTON – Two engineers from Netflix this week released to open source a security tool that detects attacks against web applications—and also reacts to those attacks with responses they hope will flummox a hacker to the point that he moves on to his next target. The utility is called Ensnare and i...

7.5AI score
Exploits0References1
Veeam
Veeam
added 2013/06/26 12:0 a.m.24 views

Health Service (Monitoring Host) Handle Count has exceeded the threshold

Challenge The following alerts about handle counts on the collector server are raised: Health Service Monitoring Host Handle Count has exceeded the threshold Health Service Handle Count has exceeded the threshold Cause The monitors raising the mentioned alerts ensure that the "Process\Handle Coun...

7.1AI score
Exploits0Affected Software1
myhack58
myhack58
added 2012/09/12 12:0 a.m.28 views

Wechat arbitrary User Password Change vulnerability-vulnerability warning-the black bar safety net

Found today a micro-channel Group issued a vulnerability. Also didn't play. It is patched So it is with this vulnerability to produce The same problem arises in the reset user password link In the wechat official home on the found a new the following function modules ! After the visit to see this...

Exploits0
Debian
Debian
added 2012/06/24 12:12 p.m.69 views

[SECURITY] [DSA 2500-1] mantis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2500-1 [email protected] http://www.debian.org/security/ Florian Weimer June 24, 2012 http://www.debian.org/security/faq -...

7.5CVSS6.6AI score0.03727EPSS
Exploits3
NVD
NVD
added 2012/05/17 11:0 a.m.21 views

CVE-2012-1146

The memcgroupusageunregisterevent function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have...

5.5CVSS6.5AI score0.0052EPSS
Exploits1References10
Prion
Prion
added 2012/05/17 11:0 a.m.25 views

Null pointer dereference

The memcgroupusageunregisterevent function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have...

4.9CVSS7.2AI score0.0052EPSS
Exploits1References10Affected Software5
Positive Technologies
Positive Technologies
added 2012/03/07 12:0 a.m.4 views

PT-2012-3098 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.2.10 Description: The issue is related to the mem cgroup usage unregister event function in mm/memcontrol.c, which does not properly handle multiple events attached to the same eventfd. This can be exploited b...

5.5CVSS5.5AI score0.0052EPSS
Exploits1References25
OSV
OSV
added 2012/03/07 12:0 a.m.2 views

UBUNTU-CVE-2012-1146

The memcgroupusageunregisterevent function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have...

5.5CVSS6.1AI score0.0052EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2010/11/02 12:0 a.m.42 views

Fedora 12 : freetype-2.3.11-6.fc12 (2010-15785)

Mon Oct 4 2010 Marek Kasik 2.3.11-6 - Add freetype-2.3.11-CVE-2010-2805.patch Fix comparison. - Add freetype-2.3.11-CVE-2010-2806.patch Protect against negative stringsize. Fix comparison. - Add freetype-2.3.11-CVE-2010-2808.patch Check the total length of collected POST segments. - Add...

9.3CVSS5.8AI score0.30653EPSS
Exploits13References25
Rows per page
Query Builder