Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 1996-07-16 |
Product | Enterprise Linux | Last view | 2024-02-14 |
Version | 3 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2024-02-14 | CVE-2023-50387 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. |
7.5 | 2024-02-07 | CVE-2023-6536 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6535 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6356 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. |
3.3 | 2024-02-06 | CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks. |
5.5 | 2024-02-06 | CVE-2024-0690 | An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. |
5.3 | 2024-02-05 | CVE-2023-7216 | A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, this allows writing files in arbitrary directories through symlinks. |
7.5 | 2024-02-05 | CVE-2023-50782 | A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. |
7.5 | 2024-02-05 | CVE-2023-50781 | A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. |
6.5 | 2024-02-04 | CVE-2023-6240 | A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. |
5.9 | 2024-01-31 | CVE-2024-0914 | A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. |
5.9 | 2024-01-31 | CVE-2023-5992 | A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. |
6.5 | 2024-01-30 | CVE-2024-0564 | A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share". Through these operations, the attacker can leak the victim's page. |
7.1 | 2024-01-29 | CVE-2023-40551 | A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. |
5.5 | 2024-01-29 | CVE-2023-40550 | An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. |
5.5 | 2024-01-29 | CVE-2023-40549 | An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. |
5.5 | 2024-01-29 | CVE-2023-40546 | A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances. |
7.8 | 2024-01-28 | CVE-2024-0841 | A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. |
7.5 | 2024-01-25 | CVE-2023-52356 | A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. |
7.5 | 2024-01-25 | CVE-2023-52355 | An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. |
8.3 | 2024-01-25 | CVE-2023-40547 | A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. |
7.1 | 2024-01-22 | CVE-2024-0775 | A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. |
7 | 2024-01-21 | CVE-2023-6531 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. |
6.6 | 2024-01-18 | CVE-2024-0607 | A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality. |
7.8 | 2024-01-18 | CVE-2024-0409 | A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
9% (119) | CWE-416 | Use After Free |
9% (118) | CWE-787 | Out-of-bounds Write |
8% (103) | CWE-125 | Out-of-bounds Read |
5% (68) | CWE-476 | NULL Pointer Dereference |
5% (68) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5% (63) | CWE-20 | Improper Input Validation |
3% (46) | CWE-200 | Information Exposure |
3% (46) | CWE-190 | Integer Overflow or Wraparound |
3% (44) | CWE-362 | Race Condition |
2% (31) | CWE-264 | Permissions, Privileges, and Access Controls |
2% (24) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (24) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (22) | CWE-399 | Resource Management Errors |
1% (21) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
1% (20) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
1% (19) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (17) | CWE-189 | Numeric Errors |
1% (14) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
1% (12) | CWE-617 | Reachable Assertion |
1% (12) | CWE-287 | Improper Authentication |
1% (12) | CWE-203 | Information Exposure Through Discrepancy |
0% (11) | CWE-295 | Certificate Issues |
0% (10) | CWE-122 | Heap-based Buffer Overflow |
0% (9) | CWE-369 | Divide By Zero |
0% (9) | CWE-269 | Improper Privilege Management |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-6 | Argument Injection |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-15 | Command Delimiters |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-23 | File System Function Injection, Content Based |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
CAPEC-139 | Relative Path Traversal |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:1160 | Safe.PM Unsafe Code Execution Vulnerability |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
oval:org.mitre.oval:def:113 | X Display Manager Control Protocol Denial of Service |
oval:org.mitre.oval:def:129 | GDM X Display Manager Authorization Vulnerability |
oval:org.mitre.oval:def:387 | C-Media Sound Driver Userspace Access Vulnerability II |
oval:org.mitre.oval:def:11337 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us... |
oval:org.mitre.oval:def:9707 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.... |
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
oval:org.mitre.oval:def:846 | Red Hat gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:845 | Red Hat Enterprise 3 gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:10574 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ... |
oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:971 | libpng Malformed PNG Image Vulnerability |
oval:org.mitre.oval:def:11710 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta... |
SAINT Exploits
Description | Link |
---|---|
libssh authentication bypass | More info here |
Red Hat DHCP client NetworkManager integration script command injection | More info here |
Polkit pkexec privilege elevation | More info here |
Linux Dirty COW Local File Overwrite | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78302 | Linux Kernel m_stop() Implementation Local DoS |
77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
77558 | virt-v2v Guest Conversion VNC Password Local Authentication Bypass |
77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
77294 | Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS |
76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
76058 | Samba mtab Lock File Handling Local DoS |
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
75714 | Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation |
75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
74150 | Drupal Comment Attachment Access Restriction Bypass |
73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
72541 | Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio... |
ExploitDB Exploits
id | Description |
---|---|
33894 | Python CGIHTTPServer Encoded Path Traversal |
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
27778 | Samba nttrans Reply - Integer Overflow Vulnerability |
24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
22406 | Konqueror 4.7.3 Memory Corruption |
11203 | Pidgin MSN <= 2.6.4 File Download Vulnerability |
5167 | X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit |
4601 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
374 | SoX Local Buffer Overflow Exploiter (Via Crafted WAV File) |
OpenVAS Exploits
id | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Windows) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_win.nasl |
2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-09 | Name : CentOS Update for kernel CESA-2012:1426 centos6 File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl |
2012-11-09 | Name : RedHat Update for kernel RHSA-2012:1426-01 File : nvt/gb_RHSA-2012_1426-01_kernel.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
2015-B-0083 | Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity: Category I - VMSKEY: V0060983 |
2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity: Category I - VMSKEY: V0060737 |
2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
2015-A-0042 | Samba Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0058919 |
2015-A-0038 | Multiple Vulnerabilities in GNU C Library (glibc) Severity: Category I - VMSKEY: V0058753 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0057381 |
2014-B-0105 | Samba Remote Code Execution Severity: Category I - VMSKEY: V0053637 |
2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0053509 |
2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity: Category I - VMSKEY: V0053501 |
2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity: Category I - VMSKEY: V0053505 |
2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity: Category I - VMSKEY: V0053507 |
2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0053319 |
2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity: Category I - VMSKEY: V0053203 |
2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0053201 |
2014-A-0103 | Multiple Vulnerabilities in Oracle E-Business Severity: Category I - VMSKEY: V0053195 |
2014-A-0105 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0053191 |
2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0053183 |
2014-A-0110 | Multiple Vulnerabilities in VMware Player Severity: Category I - VMSKEY: V0053181 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Type : SERVER-OTHER - Revision : 1 |
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Type : SERVER-OTHER - Revision : 1 |
2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Type : SERVER-OTHER - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Type : SERVER-OTHER - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Type : SERVER-OTHER - Revision : 1 |
2019-10-25 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022-community - Type : OS-LINUX - Revision : 1 |
2019-11-26 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022 - Type : OS-LINUX - Revision : 1 |
2019-11-03 | HAProxy H2 Frame heap memory corruption attempt RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51291 - Type : OS-MOBILE - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51290 - Type : OS-MOBILE - Revision : 1 |
2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Type : SERVER-OTHER - Revision : 2 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48855 - Type : PROTOCOL-OTHER - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48854 - Type : PROTOCOL-OTHER - Revision : 1 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48052 - Type : BROWSER-IE - Revision : 6 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48051 - Type : BROWSER-IE - Revision : 6 |
2018-05-30 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847-community - Type : OS-LINUX - Revision : 1 |
2018-07-03 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847 - Type : OS-LINUX - Revision : 1 |
2018-02-20 | Mozilla Firefox HTTP index format out of bounds read attempt RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1141.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0259281ab6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |