Lucene search
+L

654 matches found

CVE
CVE
added 2017/01/26 5:0 p.m.38 views

CVE-2016-8227

CVE-2016-8227 affects Lenovo Transition, a program used on Lenovo Yoga, Flex and Miix systems running Windows. The vulnerability enables local privilege escalation, allowing a user with local access to execute code with elevated (administrative/system) privileges. The issue is documented across m...

7.8CVSS7.8AI score0.00349EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/01/26 5:0 p.m.17 views

CVE-2016-8227

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges...

7.9AI score0.00349EPSS
Exploits0References2
CNVD
CNVD
added 2017/01/04 12:0 a.m.2 views

Lenovo Transition Local Elevation of Privilege Vulnerability

Lenovo Transition is a program from the Chinese company Lenovo that is used to set whether or not video pictures, etc. are automatically full screen in different modes. A local elevation of privilege vulnerability exists in Lenovo Transition. An attacker could use this vulnerability to execute...

7.8CVSS7.8AI score0.00349EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/12/13 12:0 a.m.31 views

openSUSE Security Update : pacemaker (openSUSE-2016-1447)

This update for pacemaker fixes the following issues : - remote: Allow cluster and remote LRM API versions to diverge bsc1009076 - libcrmcommon: fix CVE-2016-7035 improper IPC guarding bsc1007433 - sysconfig: minor tweaks typo, wording - spec: more robust check for systemd being in use - spec:...

8.8CVSS7.6AI score0.0325EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2016/12/08 12:0 a.m.2620 views

SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)

The remote service uses a known CA certificate in the SSL certificate chain that has been signed using a cryptographically weak hashing algorithm e.g., MD2, MD4, MD5, or SHA1. These signature algorithms are known to be vulnerable to collision attacks CVE-2004-2761, for example. An attacker can...

9.8CVSS6.5AI score0.09854EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/12/07 5:44 a.m.6 views

Sleipnir for Mac vulnerable to URL spoofing

Overview Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.1CVSS6.5AI score0.00831EPSS
Exploits0References6
Citrix
Citrix
added 2016/11/23 12:0 a.m.7 views

Some UPM or WEM Agent parameters may not be applied by the agent after switching from GPO settings to Workspace Environment Management settings.

Symptom 1: WEM Policy/Settings are not applying, and the old Citrix Profile Management items are applying instead Symptom 2: WEM Policies are not applying to the WEM Agents...

7.1AI score
Exploits0
OSV
OSV
added 2016/10/17 12:0 a.m.4 views

UBUNTU-CVE-2016-5187

Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox URL bar via crafted HTML pages...

6.5CVSS7AI score0.01235EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/10/05 12:0 a.m.55 views

Debian Security Advisory DSA 3688-1 (nss - security update)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...

9.3CVSS0.6AI score0.9986EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/10/04 9:8 p.m.118 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.8AI score0.00582EPSS
Exploits0References3
OSV
OSV
added 2016/09/25 8:59 p.m.3 views

UBUNTU-CVE-2016-5174

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7AI score0.00867EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/09/16 7:27 a.m.7 views

chromium-browser: popup not correctly suppressed

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7.4AI score0.00867EPSS
Exploits0References5
Fedora
Fedora
added 2016/07/23 9:6 p.m.15 views

[SECURITY] Fedora 23 Update: kf5-kdelibs4support-5.24.0-1.fc23

This framework provides code and utilities to ease the transition from kdel ibs 4 to KDE Frameworks 5. This includes CMake macros and C++ classes whose functionality has been replaced by code in CMake, Qt and other frameworks...

7.5CVSS2.3AI score0.04429EPSS
Exploits1
Atlassian
Atlassian
added 2016/06/24 8:41 p.m.20 views

When JIRA project has a security scheme, the option "None" is not displayed in Crucible

h3. Summary Whenever a JIRA project has a Security Scheme defined, and a workflow transition has at least one required field, a window is opened in JIRA side so that the required field/s are selected. Among the fields displayed in this window there will be the "Security Level", in which the...

0.7AI score
Exploits0
OSV
OSV
added 2016/06/19 12:0 a.m.18 views

DLA-521-1 firefox-esr - security update

Bulletin has no description...

8.8CVSS7.5AI score0.23957EPSS
Exploits7
OpenVAS
OpenVAS
added 2016/06/09 12:0 a.m.39 views

Debian Security Advisory DSA 3600-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. Wait, Firefox? No more references to Iceweasel? That OpenVAS Vulnerability Test $Id...

6.8CVSS0.23957EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2016/05/26 12:0 a.m.14 views

Leaked DNS Query Detection - ISATAP Request (IPv6)

Binary data 7203.pasl...

7.3AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/25 12:0 a.m.19 views

JVN#26026353: WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting

The WordPress plugin "Markdown on Save Improved" contains a stored cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer. While the...

6.1CVSS6.1AI score0.01511EPSS
Exploits0
Debian
Debian
added 2016/05/04 1:38 p.m.13 views

[SECURITY] default-java switch to OpenJDK 7 and java-common update

Package : java-common Version : 0.47+deb7u1 In preparation for the upcoming default-java switch to OpenJDK 7 on 26 June 2016, the java-common package was updated to inform users about the intended change. The news will be automatically shown, if apt-listchanges has been installed on the system...

1.5AI score
Exploits0
Atlassian
Atlassian
added 2016/04/20 7:41 a.m.24 views

Drop support Windows Quicktime plugin from Confluence multimedia plugin

The US Govt is recommending users should uninstall Quicktime for Windows http://krebsonsecurity.com/2016/04/us-cert-to-windows-users-dump-apple-quicktime/ In order to assist users transition we need to drop support for Quicktime plugin from Multimedia plugins and use the "video" tag instead...

3AI score
Exploits0Affected Software1
Rows per page
Query Builder