Lucene search
+L

180 matches found

OSV
OSV
added 2020/10/27 8:15 p.m.2 views

CVE-2019-8564

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state...

7.5CVSS6.7AI score0.01009EPSS
Exploits0References1
OSV
OSV
added 2020/10/22 6:15 p.m.6 views

CVE-2020-3915

A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files...

7.8CVSS7.2AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 5:15 p.m.3 views

CVE-2020-9934

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information...

5.5CVSS7AI score0.03208EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2020/09/29 8:16 p.m.8 views

webkitgtk: Race condition allows reading of restricted memory

A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory...

3.1CVSS6.6AI score0.01107EPSS
Exploits2References5
OSV
OSV
added 2020/08/25 12:47 p.m.5 views

SUSE-SU-2020:2304-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745...

6.4CVSS6.9AI score0.01434EPSS
Exploits0References4
OSV
OSV
added 2020/04/21 12:0 a.m.2 views

UBUNTU-CVE-2020-3898

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges...

7.8CVSS6.8AI score0.00387EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for elinks (EulerOS-SA-2019-2574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.00579EPSS
Exploits0References2
OSV
OSV
added 2019/12/18 6:15 p.m.4 views

CVE-2019-8566

An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user...

3.3CVSS6.1AI score0.00695EPSS
Exploits0References1
OSV
OSV
added 2019/12/18 6:15 p.m.1 views

CVE-2019-8502

An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization...

3.3CVSS6.7AI score0.00802EPSS
Exploits0References4
OSV
OSV
added 2019/10/28 3:57 p.m.11 views

SUSE-SU-2019:2798-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server. bsc1141853...

7.5CVSS6.4AI score0.05366EPSS
Exploits1References5
OSV
OSV
added 2019/06/12 2:29 p.m.3 views

CVE-2019-1019

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access...

8.5CVSS7.4AI score0.15115EPSS
Exploits2References3
OSV
OSV
added 2019/03/05 4:29 p.m.3 views

CVE-2019-6225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges...

7.8CVSS7.4AI score0.28548EPSS
Exploits3References5
CVE
CVE
added 2019/01/11 6:0 p.m.71 views

CVE-2016-4643

CVE-2016-4643 affects Apple iOS (prior to 9.3.3), tvOS (prior to 9.2.2) and OS X El Capitan (prior to 10.11.6 and Security Update 2016-004). Root cause: a validation issue in the parsing of HTTP 407 responses within CFNetwork Proxies. Consequence (as stated by Apple and CVE references): an attack...

6.5CVSS7.1AI score0.01214EPSS
Exploits0References3Affected Software3
OpenVAS
OpenVAS
added 2017/11/26 12:0 a.m.21 views

openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.4AI score0.00417EPSS
Exploits0References2
OSV
OSV
added 2017/10/10 9:29 p.m.3 views

ALPINE-CVE-2017-15191

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...

7.5CVSS6.8AI score0.02697EPSS
Exploits0References1
OSV
OSV
added 2017/03/04 3:59 a.m.3 views

ALPINE-CVE-2017-6468

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records...

7.5CVSS6.8AI score0.02594EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2016/10/06 12:0 a.m.65 views

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-118.13.2 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798695 CVE-2016-5829 3.8.13-118.13.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790116 3.8.13-118.12.1 - scsisysfs: protect against...

8.4CVSS0.1AI score0.01234EPSS
Exploits1
OpenVAS
OpenVAS
added 2012/09/11 12:0 a.m.15 views

Slackware Advisory SSA:2003-141-04 GnuPG key validation fix

The remote host is missing an update as announced via advisory SSA:2003-141-04. OpenVAS Vulnerability Test $Id: esoftslkssa200314104.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

0.4AI score
Exploits0
Cent OS
Cent OS
added 2012/06/27 8:21 p.m.104 views

php security update

CentOS Errata and Security Advisory CESA-2012:1045 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

6.4CVSS7.5AI score0.50723EPSS
Exploits15References7
Slackware Linux
Slackware Linux
added 2003/05/21 8:32 p.m.12 views

GnuPG key validation fix

A key validation bug which results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key has been fixed with the release of GnuPG 1.2.2. We recommend sites using GnuPG upgrade to this new package. For detailed information about the problem, see this...

6.7AI score
Exploits0
Rows per page
Query Builder