Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 2010-11-16 |
Product | Enterprise Linux Server Eus | Last view | 2022-08-22 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.5 | 2022-08-22 | CVE-2021-3659 | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. |
5.5 | 2022-03-04 | CVE-2021-3744 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. |
7.8 | 2022-01-28 | CVE-2021-4034 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. |
8.2 | 2021-03-03 | CVE-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
6.7 | 2021-03-03 | CVE-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
7.5 | 2021-03-03 | CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
6.7 | 2021-03-03 | CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
7.6 | 2021-03-03 | CVE-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
8.2 | 2021-03-03 | CVE-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
7.5 | 2021-03-03 | CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. |
8.8 | 2020-02-08 | CVE-2012-4512 | The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." |
7.8 | 2020-01-31 | CVE-2014-8141 | Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
7.8 | 2020-01-31 | CVE-2014-8140 | Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
7.8 | 2020-01-31 | CVE-2014-8139 | Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. |
6.5 | 2020-01-14 | CVE-2015-3147 | daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. |
7.8 | 2020-01-14 | CVE-2014-7844 | BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. |
9.8 | 2019-12-06 | CVE-2019-5544 | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. |
7.8 | 2019-11-27 | CVE-2019-10216 | In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. |
7.8 | 2019-11-14 | CVE-2019-0155 | Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. |
7.8 | 2019-11-04 | CVE-2017-5333 | Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. |
7.8 | 2019-11-04 | CVE-2017-5332 | The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. |
9.8 | 2019-09-06 | CVE-2019-14813 | A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. |
5.5 | 2019-09-03 | CVE-2019-1125 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. |
7.5 | 2019-08-02 | CVE-2019-10171 | It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service. |
7.8 | 2019-08-02 | CVE-2019-10168 | The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
16% (84) | CWE-416 | Use After Free |
15% (77) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
9% (47) | CWE-20 | Improper Input Validation |
9% (46) | CWE-787 | Out-of-bounds Write |
6% (32) | CWE-125 | Out-of-bounds Read |
5% (29) | CWE-200 | Information Exposure |
4% (23) | CWE-190 | Integer Overflow or Wraparound |
2% (12) | CWE-362 | Race Condition |
1% (8) | CWE-704 | Incorrect Type Conversion or Cast |
1% (7) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
1% (7) | CWE-189 | Numeric Errors |
1% (7) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
1% (6) | CWE-476 | NULL Pointer Dereference |
1% (6) | CWE-264 | Permissions, Privileges, and Access Controls |
1% (6) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
0% (5) | CWE-399 | Resource Management Errors |
0% (5) | CWE-346 | Origin Validation Error |
0% (5) | CWE-284 | Access Control (Authorization) Issues |
0% (5) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
0% (5) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
0% (4) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (4) | CWE-617 | Reachable Assertion |
0% (4) | CWE-287 | Improper Authentication |
0% (4) | CWE-269 | Improper Privilege Management |
0% (4) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:13253 | USN-1016-1 -- libxml2 vulnerability |
oval:org.mitre.oval:def:12709 | DSA-2128-1 libxml2 -- invalid memory access |
oval:org.mitre.oval:def:12148 | Vulnerability in libxml2 in Google Chrome before 7.0.517.44 |
oval:org.mitre.oval:def:19711 | VMware ESXi and ESX updates to third party library and ESX Service Console |
oval:org.mitre.oval:def:20485 | VMware ESXi and ESX updates to third party library and ESX Service Console |
oval:org.mitre.oval:def:14410 | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.83... |
oval:org.mitre.oval:def:27147 | RHSA-2011:1749 -- libxml2 security and bug fix update (Low) |
oval:org.mitre.oval:def:27942 | ELSA-2011-1749 -- libxml2 security and bug fix update (low) |
oval:org.mitre.oval:def:27925 | DEPRECATED: ELSA-2012-0017 -- libxml2 security update (important) |
oval:org.mitre.oval:def:14761 | libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers... |
oval:org.mitre.oval:def:21409 | RHSA-2012:0018: libxml2 security update (Important) |
oval:org.mitre.oval:def:21164 | RHSA-2012:0017: libxml2 security update (Important) |
oval:org.mitre.oval:def:15446 | USN-1334-1 -- libxml2 vulnerabilities |
oval:org.mitre.oval:def:15165 | DSA-2394-1 libxml2 -- several |
oval:org.mitre.oval:def:14504 | Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.9... |
oval:org.mitre.oval:def:23538 | ELSA-2012:0018: libxml2 security update (Important) |
oval:org.mitre.oval:def:23214 | ELSA-2012:0017: libxml2 security update (Important) |
oval:org.mitre.oval:def:27976 | DEPRECATED: ELSA-2012-0018 -- libxml2 security update (important) |
oval:org.mitre.oval:def:20792 | RHSA-2012:0407: libpng security update (Moderate) |
oval:org.mitre.oval:def:15482 | USN-1402-1 -- libpng vulnerability |
oval:org.mitre.oval:def:15399 | DSA-2439-1 libpng -- buffer overflow |
oval:org.mitre.oval:def:14763 | Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used... |
oval:org.mitre.oval:def:23751 | ELSA-2012:0407: libpng security update (Moderate) |
oval:org.mitre.oval:def:23137 | DEPRECATED: ELSA-2012:0407: libpng security update (Moderate) |
oval:org.mitre.oval:def:27682 | DEPRECATED: ELSA-2012-0407 -- libpng security update (moderate) |
SAINT Exploits
Description | Link |
---|---|
Polkit pkexec privilege elevation | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78148 | Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O... |
77707 | Google Chrome libxml Out-of-bounds Read Remote DoS |
75560 | Google Chrome Double-free libxml XPath Handling Remote Code Execution |
74654 | Linux Kernel EFI GUID Partition Table (GPT) Implementation Crafted Partition ... |
70950 | Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure |
69205 | libxml2 Crafted XML File XPath Axis Traversal DoS |
ExploitDB Exploits
id | Description |
---|---|
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
32998 | Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support |
32791 | Heartbleed OpenSSL - Information Leak Exploit (1) |
32764 | OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS ... |
32745 | OpenSSL TLS Heartbeat Extension - Memory Disclosure |
22406 | Konqueror 4.7.3 Memory Corruption |
OpenVAS Exploits
id | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities) File : nvt/deb_2427_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2462-2 (imagemagick - several vulnerabilities) File : nvt/deb_2462_2.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities) File : nvt/deb_2553_1.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-12-13 | Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox) File : nvt/gb_suse_2012_1064_1.nasl |
2012-11-16 | Name : Debian Security Advisory DSA 2572-1 (iceape) File : nvt/deb_2572_1.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1416-01 File : nvt/gb_RHSA-2012_1416-01_kdelibs.nasl |
2012-11-02 | Name : RedHat Update for kdelibs RHSA-2012:1418-01 File : nvt/gb_RHSA-2012_1418-01_kdelibs.nasl |
2012-10-13 | Name : Debian Security Advisory DSA 2556-1 (icedove) File : nvt/deb_2556_1.nasl |
2012-10-03 | Name : Debian Security Advisory DSA 2554-1 (iceape) File : nvt/deb_2554_1.nasl |
2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
2012-10-03 | Name : Ubuntu Update for thunderbird USN-1551-2 File : nvt/gb_ubuntu_USN_1551_2.nasl |
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL) File : nvt/glsa_201209_24.nasl |
2012-09-27 | Name : CentOS Update for kernel CESA-2012:1304 centos6 File : nvt/gb_CESA-2012_1304_kernel_centos6.nasl |
2012-09-27 | Name : RedHat Update for kernel RHSA-2012:1304-01 File : nvt/gb_RHSA-2012_1304-01_kernel.nasl |
2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-05 (libreoffice) File : nvt/glsa_201209_05.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0202 | Citrix XenServer Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0061343 |
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2014-A-0064 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0050011 |
2014-A-0063 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0050009 |
2014-A-0062 | Multiple Vulnerabilities In McAfee Email Gateway Severity: Category I - VMSKEY: V0050005 |
2014-B-0050 | McAfee Web Gateway Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0050003 |
2014-B-0046 | Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity: Category I - VMSKEY: V0049737 |
2014-A-0058 | Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity: Category I - VMSKEY: V0049579 |
2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
2014-A-0053 | Multiple Vulnerabilities in Juniper Network JUNOS Severity: Category I - VMSKEY: V0049589 |
2014-A-0054 | Multiple Vulnerabilities in Oracle Database Severity: Category I - VMSKEY: V0049587 |
2014-A-0055 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0049585 |
2014-A-0056 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0049583 |
2014-B-0041 | Multiple Vulnerabilities in Splunk Severity: Category I - VMSKEY: V0049577 |
2014-B-0042 | Stunnel Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0049575 |
2014-A-0051 | OpenSSL Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0048667 |
2014-A-0043 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0046769 |
2014-A-0021 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0043921 |
2014-A-0017 | Multiple Vulnerabilities in Cisco TelePresence Video Communication Server Severity: Category I - VMSKEY: V0043846 |
2014-A-0019 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0043844 |
2013-A-0233 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0042596 |
2013-A-0222 | Multiple Vulnerabilties in VMware Workstation Severity: Category II - VMSKEY: V0042383 |
2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
2012-A-0104 | Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Severity: Category I - VMSKEY: V0033046 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52397 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52396 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52395 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52394 - Type : SERVER-OTHER - Revision : 1 |
2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52393 - Type : SERVER-OTHER - Revision : 1 |
2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52344 - Type : SERVER-OTHER - Revision : 1 |
2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52343 - Type : SERVER-OTHER - Revision : 1 |
2019-11-19 | Ghostscript -dSAFER sandbox bypass attempt RuleID : 51945 - Type : FILE-OTHER - Revision : 1 |
2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1 |
2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1 |
2019-04-30 | Unix systemd-journald memory corruption attempt RuleID : 49618 - Type : FILE-OTHER - Revision : 1 |
2019-04-30 | Unix systemd-journald memory corruption attempt RuleID : 49617 - Type : FILE-OTHER - Revision : 1 |
2019-03-05 | Ghostscript PostScript remote code execution attempt RuleID : 49086 - Type : FILE-OTHER - Revision : 1 |
2019-03-05 | Ghostscript PostScript remote code execution attempt RuleID : 49085 - Type : FILE-OTHER - Revision : 1 |
2019-01-17 | Mozilla Firefox method array.prototype.push remote code execution attempt RuleID : 48626 - Type : BROWSER-FIREFOX - Revision : 2 |
2019-01-17 | Mozilla Firefox method array.prototype.push remote code execution attempt RuleID : 48625 - Type : BROWSER-FIREFOX - Revision : 2 |
2019-01-10 | Mozilla Firefox javascript type confusion code execution attempt RuleID : 48565 - Type : BROWSER-FIREFOX - Revision : 1 |
2019-01-10 | Mozilla Firefox javascript type confusion code execution attempt RuleID : 48564 - Type : BROWSER-FIREFOX - Revision : 1 |
2018-12-07 | out-of-bounds write attempt with malicious MAR file detected RuleID : 48296 - Type : FILE-OTHER - Revision : 2 |
2018-12-07 | out-of-bounds write attempt with malicious MAR file detected RuleID : 48295 - Type : FILE-OTHER - Revision : 2 |
2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1 |
2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1 |
2018-10-25 | Ghostscript -dSAFER sandbox bypass attempt RuleID : 47882 - Type : FILE-OTHER - Revision : 1 |
2018-09-18 | LibreOffice WEBSERVICE arbitrary file disclosure attempt RuleID : 47566 - Type : FILE-OFFICE - Revision : 1 |
2018-09-18 | LibreOffice WEBSERVICE arbitrary file disclosure attempt RuleID : 47565 - Type : FILE-OFFICE - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-17 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2019-0059.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2019-0049.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-072.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing multiple security updates. File: Virtuozzo_VZA-2018-075.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-077.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-085.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-086.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-088.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1139.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1141.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1144.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1002.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1004.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2019-1012.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2019-1013.nasl - Type: ACT_GATHER_INFO |
2019-01-07 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2019-0022.nasl - Type: ACT_GATHER_INFO |
2019-01-07 | Name: The remote Fedora host is missing a security update. File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO |
2019-01-07 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-05acd3c734.nasl - Type: ACT_GATHER_INFO |