CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2018/01/10 10:29 p.m.•28 views

CVE-2018-0004

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and...

7.1CVSS6.5AI score0.01246EPSS

Exploits0References2

Kitploit•added 2018/01/10 1:11 p.m.•20 views

SNMPwn - An SNMPv3 User Enumerator and Attack tool

SNMPwn is an SNMPv3 user enumerator and attack tool. It is a legitimate security tool designed to be used by security professionals and penetration testers against hosts you have permission to test. It takes advantage of the fact that SNMPv3 systems will respond with "Unknown user name" when an...

7.3AI score

Exploits0References1

Metasploit•added 2018/01/08 8:27 p.m.•36 views

NIS ypserv Map Dumper

This module dumps the specified map from NIS ypserv. The following examples are from ypcat -x: Use "ethers" for map "ethers.byname" Use "aliases" for map "mail.aliases" Use "services" for map "services.byname" Use "protocols" for map "protocols.bynumber" Use "hosts" for map "hosts.byname" Use...

7.4AI score

Qualys Blog•added 2018/01/05 7:10 p.m.•29 views

Qualys Cloud Platform 2.31 New Features

This release of the Qualys Cloud Platform version 2.31 includes updates and new features for AssetView, Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows. AssetView Use custom severities in AV searches and...

6.9AI score

OSV•added 2017/12/21 6:18 p.m.•17 views

MGASA-2017-0460 Updated java-1.8.0-openjdk packages fix security vulnerabilities

Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...

9.6CVSS7.7AI score0.16181EPSS

RedHat Linux•added 2017/12/13 4:48 p.m.•3 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server...

RedHat Linux•added 2017/12/12 9:16 a.m.•5 views

ovirt-engine: webadmin log out must logout all sessions

It was discovered that the ovirt-engine webadmin session would not properly enforce timeouts. Browser sessions would remain logged in beyond the administratively configured session timeout period...

6.8CVSS6.4AI score0.00519EPSS

Exploits1References4

RedHat Linux•added 2017/12/12 9:16 a.m.•37 views

Low: Red Hat Security Advisory: org.ovirt.engine-root security, bug fix, and enhancement update

An update for org.ovirt.engine-root is now available for Red Hat Virtualization Manager version 4.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.8CVSS6.4AI score0.00519EPSS

Exploits1References8

RedHat Linux•added 2017/12/06 1:42 p.m.•1 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

Citrix•added 2017/12/05 12:0 a.m.•10 views

PVS Console | Fails to load farm\site\server details with error 'Server communication timeout'

The PVS Console throws following error while expanding farm\site\server details: 'Server communication timeout' MMC Console timeouts may also be seen. Now consider a Large AD Environment, where there are multiple Domains and the PVS Administrator User account used to access the PVS Console is par...

7AI score

RedHat Linux•added 2017/11/28 8:43 p.m.•6 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

RedHat Linux•added 2017/11/27 6:4 p.m.•4 views

OpenJDK: no default network operations timeouts in FtpClient (Networking, 8181612)

Fedora•added 2017/11/22 2:34 a.m.•31 views

[SECURITY] Fedora 26 Update: perl-Net-Ping-External-0.15-11.fc26

Net::Ping::External is a module which interfaces with the "ping" command on many systems. It presently provides a single function, ping, that takes in a hostname and optionally a timeout and returns true if the host is alive, and false otherwise. Unless you have the ability and willingness to run...

10CVSS0.7AI score0.06189EPSS

Tenable Nessus•added 2017/11/20 12:0 a.m.•602 views

F5 Networks BIG-IP : BIG-IP SSL vulnerability (K21905460) (ROBOT)

On BIG-IP versions 11.6.0-11.6.2 fixed in 11.6.2 HF1, 12.0.0-12.1.2 HF1 fixed in 12.1.2 HF2, or 13.0.0-13.0.0 HF2 fixed in 13.0.0 HF3 a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA, which when...

7.4CVSS7.3AI score0.21552EPSS

Exploits1References2

Citrix•added 2017/11/09 12:0 a.m.•7 views

Creation of Platform Layer fails with a time out error from Vsphere

During creation of Platform layer, Task fails and we get an error on the App layering console as "A timeout occurred waiting for a vsphere task to complete"...

7.1AI score

Citrix•added 2017/11/08 12:0 a.m.•6 views

App Layering: System -> Settings and Configuration Page Hangs at "In Progress", Management Console Page Timesout 5 Minutes Later

When browsing in the App Layering Management Console web page to the System - Settings and Configuration page, a box saying "In Progress..." pops up in the middle of the HTTP Certificate Settings section, and the page never finishes populating. 5 minutes later, the entire management console web...

6.8AI score