Lucene search
K

220 matches found

RedHat Linux
RedHat Linux
added 2016/08/23 6:14 a.m.62 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.3AI score0.00701EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/08/12 2:11 p.m.53 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.8CVSS7.3AI score0.00701EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2016/08/10 12:0 a.m.29 views

Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization (CVE-2016-3642)

An insecure deserialization vulnerability has been reported in Solarwinds Virtualization Manager. This vulnerability is due to the inclusion of the vulnerable version of Apache Commons Collections library in the classpath combined with insecure deserialization. A remote, unauthenticated attacker...

10CVSS9.4AI score0.13268EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2016/08/09 5:24 p.m.56 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

5.5CVSS6.6AI score0.0052EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.7 views

The vulnerability of the SolarWinds Virtualization Manager software allows a hacker to execute arbitrary commands.

The vulnerability of the RMI component of the SolarWinds Virtualization Manager relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, using a specially crafted serialized Java object...

10CVSS8.1AI score0.13268EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.7 views

The vulnerability of the SolarWinds Virtualization Manager software allows a hacker to increase their privileges.

The vulnerability of the SolarWinds Virtualization Manager software is related to configuration errors. Exploiting this vulnerability can allow an attacker, operating locally, to gain increased privileges due to incorrect configuration of sudo...

7.2CVSS7.2AI score0.03704EPSS
Exploits5References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/13 12:0 a.m.179 views

SolarWinds Virtualization Manager Java Object Deserialization RCE

The remote SolarWinds Virtualization Manager server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by sending a specially...

10CVSS9.3AI score0.13268EPSS
Exploits2References2
NVD
NVD
added 2016/06/24 5:59 p.m.12 views

CVE-2016-5709

SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack...

4.7CVSS4.5AI score0.01422EPSS
Exploits0References2
OSV
OSV
added 2016/06/24 5:59 p.m.3 views

CVE-2016-5709

SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack...

4.7CVSS5.8AI score0.01422EPSS
Exploits0References2
CVE
CVE
added 2016/06/24 5:0 p.m.55 views

CVE-2016-5709

CVE-2016-5709 affects SolarWinds Virtualization Manager 6.3.1 and earlier. The root cause is weak encryption of passwords stored in /etc/shadow, enabling a local attacker with superuser privileges to brute-force and obtain user passwords. Documented impact is local, with partial confidentiality e...

4.7CVSS4.5AI score0.01422EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/06/21 12:0 a.m.5 views

Solarwinds Virtualization Manager Information Disclosure Vulnerability

Solarwinds Virtualization Manager is a suite of software from SolarWinds, Inc. that is used to manage and monitor virtualization products. The software provides capacity management, performance monitoring, and configuration management. A security vulnerability exists in Solarwinds Virtualization...

4.7CVSS6.5AI score0.01422EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/20 12:0 a.m.5 views

SolarWinds Virtualization Manager Privilege Gain Vulnerability

Solarwinds Virtualization Manager is a suite of software from SolarWinds, Inc. that is used to manage and monitor virtualization products. The software provides capacity management, performance monitoring and configuration management. A privilege acquisition vulnerability exists in SolarWinds...

7.8CVSS8.8AI score0.03704EPSS
Exploits5References1
OSV
OSV
added 2016/06/17 3:59 p.m.2 views

CVE-2016-3643

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."...

7.8CVSS5.8AI score0.03704EPSS
Exploits5References4
OSV
OSV
added 2016/06/17 3:59 p.m.3 views

CVE-2016-3642

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

9.8CVSS6AI score0.13268EPSS
Exploits2References3
Prion
Prion
added 2016/06/17 3:59 p.m.16 views

Design/Logic Flaw

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

10CVSS8.1AI score0.13268EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2016/06/17 3:0 p.m.1005 views

CVE-2016-3643

SolarWinds Virtualization Manager

7.8CVSS7.6AI score0.03704EPSS
In wildExploits5References4Affected Software1
CVE
CVE
added 2016/06/17 3:0 p.m.116 views

CVE-2016-3642

Summary: CVE-2016-3642 affects SolarWinds Virtualization Manager; the RMI service (port 1099/TCP) can be exploited via a crafted serialized Java object to achieve remote code execution, due to insecure deserialization tied to Apache Commons Collections (ACC). The vulnerability is present in 6.3.1...

10CVSS9.3AI score0.13268EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2016/06/17 3:0 p.m.9 views

CVE-2016-3643

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."...

7.7AI score0.03704EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2016/06/17 12:0 a.m.25 views

CVE-2016-3643

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by “sudo cat /etc/passwd.” Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

7.8CVSS7.7AI score0.03704EPSS
In wildExploits5References5
exploitpack
exploitpack
added 2016/06/16 12:0 a.m.53 views

SolarWinds Virtualization Manager - Local Privilege Escalation

SolarWinds Virtualization Manager - Local Privilege Escalation Product: Solarwinds Virtualization Manager Vendor: Solarwinds Vulnerable Versions: 6.3.1 Tested Version: 6.3.1 Vendor Notification: April 25th, 2016 Vendor Patch Availability to Customers: June 1st, 2016 Public Disclosure: June 14th,...

7.2CVSS7.8AI score0.03704EPSS
Exploits5
Rows per page
Query Builder