Lucene search
+L

453 matches found

osv
osv
added 2017/02/20 3:59 p.m.7 views

CVE-2016-6249

F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files...

5.3CVSS5.8AI score0.00334EPSS
Exploits0References2
osv
osv
added 2017/01/23 7:59 a.m.2 views

CVE-2017-5544

An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout each of the login attempts will occupy a...

5.9CVSS5.8AI score0.05267EPSS
Exploits0References2
nessus
nessus
added 2017/01/09 12:0 a.m.28 views

phpMyAdmin 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Information Disclosure

Binary data 9856.prm...

5.3CVSS7.3AI score0.02497EPSS
Exploits0References4
mskb
mskb
added 2017/01/07 12:0 a.m.6 views

Update Rollup 10 for System Center 2012 R2 Orchestrator - Service Provider Foundation

Update Rollup 10 for System Center 2012 R2 Orchestrator - Service Provider Foundation Introduction This article describes the issues that are fixed in Update Rollup 10 for Microsoft System Center 2012 R2 Orchestrator - Service Provider Foundation. It also contains the installation instructions fo...

6.9AI score
Exploits0
filippoio
filippoio
added 2017/01/02 5:13 p.m.12 views

So you want to expose Go on the Internet

I was asked to contribute a post to the excellent Gopher Academy advent series. I took the occasion to write down what I learned deploying a Go service on the Cloudflare edge. The result is a catalogue of what you need to know before you drop NGINX from in front of your Go server. The net/http pa...

6.9AI score
Exploits0
n0where
n0where
added 2016/12/08 4:5 a.m.36 views

Extremely Fast Flexible Web Fuzzer: Filebuster

Extremely Fast Flexible Web Fuzzer Filebuster was built based on one of the fastest HTTP classes in the world of PERL – Furl::HTTP. Also the thread modelling is a bit optimized to run as fast as possible. Features It packs a ton of features like: The already mentioned Regex patterns Supports...

7AI score
Exploits0References1
nessus
nessus
added 2016/10/24 12:0 a.m.15 views

openSUSE Security Update : dbus-1 (openSUSE-2016-1206)

This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo978477: Correctly reset timeouts for pending fi...

5.6AI score
Exploits0References3
fedora
fedora
added 2016/07/29 2:55 a.m.57 views

[SECURITY] Fedora 23 Update: php-guzzlehttp-guzzle-5.3.1-1.fc23

Guzzle is a PHP HTTP client that makes it easy to work with HTTP/1.1 and ta kes the pain out of consuming web services. Pluggable HTTP adapters that can send requests serially or in parallel Doesn't require cURL, but uses cURL by default Streams data for both uploads and downloads Provides event...

8.1CVSS0.1AI score0.50427EPSS
Exploits0
fedora
fedora
added 2016/07/29 12:0 a.m.47 views

[SECURITY] Fedora 24 Update: php-guzzlehttp-guzzle-5.3.1-1.fc24

Guzzle is a PHP HTTP client that makes it easy to work with HTTP/1.1 and ta kes the pain out of consuming web services. Pluggable HTTP adapters that can send requests serially or in parallel Doesn't require cURL, but uses cURL by default Streams data for both uploads and downloads Provides event...

8.1CVSS0.1AI score0.50427EPSS
Exploits0
filippoio
filippoio
added 2016/07/18 4:2 a.m.21 views

The complete guide to Go net/http timeouts

I got an occasion to do a deep dive into net/http recently, and wrote a post about all the different timeouts you can set on the client and server side. How they work, how they interact and how to use them. The complete guide to Go net/http timeouts | CloudFlare Blog archive...

6.9AI score
Exploits0
citrix
citrix
added 2016/05/16 12:0 a.m.10 views

Getting Started with Citrix Secure Mail

The purpose of this getting started guide is to provide a reference document with key information about Citrix Citrix Secure Mail. Navigation: What is Secure Mail? Citrix Secure Mail Connection Modes List of Supported Mail Servers Citrix Secure Mail w/ IBM Notes Supported File Formats Push...

6.1AI score
Exploits0
n0where
n0where
added 2016/04/19 10:6 p.m.70 views

American Fuzzy Lop Utilities: afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...

6.9AI score
Exploits0References3
nessus
nessus
added 2015/12/22 12:0 a.m.19 views

Scientific Linux Security Update : openhpi on SL7.x x86_64 (20151119)

It was found that the '/var/lib/openhpi' directory provided by OpenHPI used world-writeable and world-readable permissions. A local user could use this flaw to view, modify, and delete OpenHPI-related data, or even fill up the storage device hosting the /var/lib directory. CVE-2015-3248 The openh...

4.7CVSS4.9AI score0.00452EPSS
Exploits0References2
centos
centos
added 2015/11/30 7:46 p.m.49 views

openhpi security update

CentOS Errata and Security Advisory CESA-2015:2369 Updated openhpi packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerabilit...

4.7CVSS5.8AI score0.00452EPSS
Exploits0References7
redhat
redhat
added 2015/11/19 5:41 a.m.21 views

Low: Red Hat Security Advisory: openhpi security, bug fix, and enhancement update

Updated openhpi packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

4.7CVSS5.8AI score0.00452EPSS
Exploits0References2
openvas
openvas
added 2015/06/09 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-2621-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.08565EPSS
Exploits0References2
nessus
nessus
added 2015/05/27 12:0 a.m.31 views

Ubuntu 14.04 LTS : PostgreSQL vulnerabilities (USN-2621-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2621-1 advisory. Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the...

9.8CVSS8.1AI score0.08565EPSS
Exploits0References4
oraclelinux
oraclelinux
added 2015/04/08 12:0 a.m.65 views

kernel security and bug fix update

kernel 2.6.18-404.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...

6.9CVSS7AI score0.00465EPSS
Exploits0
oraclelinux
oraclelinux
added 2014/09/09 12:0 a.m.58 views

kernel security and bug fix update

2.6.32-431.29.2 - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094457 1094458 CVE-2014-0205 - net vxlan: fix NULL pointer dereference Jiri Benc 1114549 1096351 CVE-2014-3535 2.6.32-431.29.1 - mm hugetlb: ensure hugepage access is denied if hugepages are not supported Gustav...

7.8CVSS7.4AI score0.05926EPSS
Exploits14
oraclelinux
oraclelinux
added 2014/09/04 12:0 a.m.83 views

kernel security and bug fix update

kernel 2.6.18-371.12.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...

3.3CVSS7.1AI score0.0036EPSS
Exploits0
Rows per page
Query Builder