Summary
| Detail | |||
|---|---|---|---|
| Vendor | Debian | First view | 2009-11-09 |
| Product | Debian Linux | Last view | 2020-06-29 |
| Version | 8.0 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:debian:debian_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2020-06-29 | CVE-2020-4067 | In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3. |
| 4.3 | 2020-06-24 | CVE-2020-15011 | GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. |
| 9.8 | 2020-06-19 | CVE-2020-8165 | A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. |
| 7.5 | 2020-06-19 | CVE-2020-8164 | A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. |
| 3.3 | 2020-06-18 | CVE-2019-13033 | In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans. |
| 6.5 | 2020-06-17 | CVE-2020-14405 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size. |
| 5.4 | 2020-06-17 | CVE-2020-14404 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. |
| 5.4 | 2020-06-17 | CVE-2020-14403 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. |
| 5.4 | 2020-06-17 | CVE-2020-14402 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. |
| 6.5 | 2020-06-17 | CVE-2020-14401 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. |
| 7.5 | 2020-06-17 | CVE-2020-14400 | ** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary. |
| 7.5 | 2020-06-17 | CVE-2020-14399 | ** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed." |
| 7.5 | 2020-06-17 | CVE-2020-14397 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. |
| 7.5 | 2020-06-17 | CVE-2019-20840 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. |
| 7.5 | 2020-06-17 | CVE-2019-20839 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. |
| 7.5 | 2020-06-11 | CVE-2020-0198 | In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941 |
| 6.5 | 2020-06-11 | CVE-2020-0182 | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147140917 |
| 7.8 | 2020-06-09 | CVE-2020-10757 | A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. |
| 4.4 | 2020-06-08 | CVE-2020-13696 | An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command. |
| 7.5 | 2020-06-06 | CVE-2020-13881 | In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used. |
| 7.5 | 2020-06-04 | CVE-2020-13848 | Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c. |
| 5.5 | 2020-05-24 | CVE-2020-13434 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. |
| 5.9 | 2020-05-22 | CVE-2020-10711 | A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. |
| 8.2 | 2020-05-21 | CVE-2020-13113 | An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. |
| 7 | 2020-05-20 | CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 14% (336) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (245) | CWE-125 | Out-of-bounds Read |
| 9% (227) | CWE-20 | Improper Input Validation |
| 6% (161) | CWE-787 | Out-of-bounds Write |
| 5% (134) | CWE-200 | Information Exposure |
| 4% (116) | CWE-416 | Use After Free |
| 4% (116) | CWE-190 | Integer Overflow or Wraparound |
| 3% (81) | CWE-476 | NULL Pointer Dereference |
| 3% (80) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 1% (46) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 1% (36) | CWE-502 | Deserialization of Untrusted Data |
| 1% (35) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 1% (35) | CWE-264 | Permissions, Privileges, and Access Controls |
| 1% (34) | CWE-362 | Race Condition |
| 1% (34) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 1% (33) | CWE-284 | Access Control (Authorization) Issues |
| 1% (31) | CWE-399 | Resource Management Errors |
| 1% (27) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (22) | CWE-269 | Improper Privilege Management |
| 0% (20) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (19) | CWE-189 | Numeric Errors |
| 0% (18) | CWE-287 | Improper Authentication |
| 0% (17) | CWE-369 | Divide By Zero |
| 0% (17) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 0% (16) | CWE-617 | Reachable Assertion |
SAINT Exploits
| Description | Link |
|---|---|
| Exim SMTP listener base64d function one-character buffer overflow | More info here |
| Drupal Form API command execution | More info here |
| libssh authentication bypass | More info here |
| Linux Dirty COW Local File Overwrite | More info here |
| Horde Imp Unauthenticated Remote Command Execution | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78564 | Postfix Admin Unspecified XSS |
| 78563 | Postfix Admin edit-alias.php Unspecified XSS |
| 78562 | Postfix Admin create-alias.php Unspecified XSS |
| 78561 | Postfix Admin create-domain.php Unspecified XSS |
| 78560 | Postfix Admin templates/edit-vacation.php domain Parameter XSS |
| 78559 | Postfix Admin templates/menu.php domain Parameter XSS |
| 78134 | pithos Predictable Name Temporary File Symlink Arbitrary File Overwrite |
| 77832 | Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint... |
| 77581 | yaws URI Traversal Arbitrary File Access |
| 75622 | Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection |
| 75192 | rsyslog Multiple Ruleset Message Handling Memory Exhaustion Local DoS (2011-1... |
| 75191 | rsyslog Multiple Ruleset Message Handling Memory Exhaustion Local DoS (2011-1... |
| 75190 | rsyslog RepeatedMsgReduction Function Memory Exhaustion Local DoS |
| 74915 | ax25-tools ax25d Return Value Checking Weakness Remote Privilege Escalation |
| 74685 | xpdf Font CharCodes Parsing Integer Overflow |
| 74684 | xpdf Malformed Command Handling Gfx Content Memory Corruption |
| 74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
| 74335 | Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection |
| 74150 | Drupal Comment Attachment Access Restriction Bypass |
| 73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
| 73394 | klibc DHCP Response Handling Metacharacter Shell Command Execution |
| 73387 | Zend Framework PDO_MySql Character Set Security Bypass |
| 71961 | Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ... |
| 71951 | Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes... |
| 71849 | Thunar thunar/thunar-transfer-job.c thunar_transfer_job_copy_node() Function ... |
ExploitDB Exploits
| id | Description |
|---|---|
| 32998 | Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support |
| 32791 | Heartbleed OpenSSL - Information Leak Exploit (1) |
| 32764 | OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS ... |
| 32745 | OpenSSL TLS Heartbeat Extension - Memory Disclosure |
| 29519 | Horde Groupware Web Mail Edition 5.1.2 - CSRF Vulnerability |
| 29274 | Horde Groupware Web Mail Edition 5.1.2 - CSRF Vulnerability |
| 10579 | TLS Renegotiation Vulnerability PoC Exploit |
OpenVAS Exploits
| id | Description |
|---|---|
| 2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
| 2012-12-04 | Name : Debian Security Advisory DSA 2579-1 (apache2) File : nvt/deb_2579_1.nasl |
| 2012-11-26 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD20.nasl |
| 2012-11-09 | Name : Ubuntu Update for apache2 USN-1627-1 File : nvt/gb_ubuntu_USN_1627_1.nasl |
| 2012-11-09 | Name : Ubuntu Update for qt4-x11 USN-1628-1 File : nvt/gb_ubuntu_USN_1628_1.nasl |
| 2012-10-09 | Name : Fedora Update for phpldapadmin FEDORA-2012-14344 File : nvt/gb_fedora_2012_14344_phpldapadmin_fc17.nasl |
| 2012-10-09 | Name : Fedora Update for phpldapadmin FEDORA-2012-14363 File : nvt/gb_fedora_2012_14363_phpldapadmin_fc16.nasl |
| 2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-18 (postfixadmin) File : nvt/glsa_201209_18.nasl |
| 2012-08-30 | Name : Fedora Update for ecryptfs-utils FEDORA-2012-11069 File : nvt/gb_fedora_2012_11069_ecryptfs-utils_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for openttd FEDORA-2012-12198 File : nvt/gb_fedora_2012_12198_openttd_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for uzbl FEDORA-2012-2321 File : nvt/gb_fedora_2012_2321_uzbl_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for php-pear-CAS FEDORA-2012-3903 File : nvt/gb_fedora_2012_3903_php-pear-CAS_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for openstack-keystone FEDORA-2012-4690 File : nvt/gb_fedora_2012_4690_openstack-keystone_fc17.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2524-1 (openttd) File : nvt/deb_2524_1.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS) File : nvt/glsa_201206_18.nasl |
| 2012-08-06 | Name : Fedora Update for ecryptfs-utils FEDORA-2012-11049 File : nvt/gb_fedora_2012_11049_ecryptfs-utils_fc16.nasl |
| 2012-06-28 | Name : Ubuntu Update for network-manager USN-1483-1 File : nvt/gb_ubuntu_USN_1483_1.nasl |
| 2012-06-28 | Name : Ubuntu Update for network-manager-applet USN-1483-2 File : nvt/gb_ubuntu_USN_1483_2.nasl |
| 2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-22 (nginx) File : nvt/glsa_201203_22.nasl |
| 2012-04-11 | Name : Fedora Update for openstack-keystone FEDORA-2012-4960 File : nvt/gb_fedora_2012_4960_openstack-keystone_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for foomatic FEDORA-2011-11118 File : nvt/gb_fedora_2011_11118_foomatic_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for openttd FEDORA-2012-0647 File : nvt/gb_fedora_2012_0647_openttd_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for php-pear-CAS FEDORA-2012-4119 File : nvt/gb_fedora_2012_4119_php-pear-CAS_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for hardlink FEDORA-2011-14727 File : nvt/gb_fedora_2011_14727_hardlink_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for polipo FEDORA-2012-0840 File : nvt/gb_fedora_2012_0840_polipo_fc16.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0222 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0061471 |
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
| 2015-A-0160 | Multiple Vulnerabilities in Oracle Linux and Virtualization Severity: Category I - VMSKEY: V0061123 |
| 2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
| 2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
| 2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
| 2015-B-0068 | Multiple Vulnerabilities in PostgreSQL Severity: Category I - VMSKEY: V0060809 |
| 2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
| 2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
| 2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
| 2014-B-0100 | Multiple Security Vulnerabilities in Google Chrome Severity: Category I - VMSKEY: V0053311 |
| 2014-A-0064 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0050011 |
| 2014-A-0063 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0050009 |
| 2014-A-0062 | Multiple Vulnerabilities In McAfee Email Gateway Severity: Category I - VMSKEY: V0050005 |
| 2014-B-0050 | McAfee Web Gateway Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0050003 |
| 2014-B-0046 | Multiple Vulnerabilities in HP System Management Homepage (SMH) Severity: Category I - VMSKEY: V0049737 |
| 2014-A-0056 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0049583 |
| 2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
| 2014-A-0053 | Multiple Vulnerabilities in Juniper Network JUNOS Severity: Category I - VMSKEY: V0049589 |
| 2014-A-0054 | Multiple Vulnerabilities in Oracle Database Severity: Category I - VMSKEY: V0049587 |
| 2014-A-0055 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0049585 |
| 2014-A-0058 | Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity: Category I - VMSKEY: V0049579 |
| 2014-B-0041 | Multiple Vulnerabilities in Splunk Severity: Category I - VMSKEY: V0049577 |
| 2014-B-0042 | Stunnel Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0049575 |
| 2014-B-0039 | Multiple Vulnerabilities in Google Chrome Severity: Category I - VMSKEY: V0048683 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-07-07 | Apache Tomcat FileStore directory traversal attempt RuleID : 54162 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-05-07 | Asterisk Manager Interface Originate action arbitrary command execution attempt RuleID : 53579 - Type : PROTOCOL-VOIP - Revision : 1 |
| 2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53378 - Type : SERVER-OTHER - Revision : 1 |
| 2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53377 - Type : SERVER-OTHER - Revision : 1 |
| 2020-04-02 | Exim unauthenticated remote code execution attempt RuleID : 53376 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-23 | Google Chrome V8 AwaitedPromise memory corruption attempt RuleID : 52504 - Type : BROWSER-CHROME - Revision : 1 |
| 2020-01-23 | Google Chrome V8 AwaitedPromise memory corruption attempt RuleID : 52503 - Type : BROWSER-CHROME - Revision : 1 |
| 2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52397 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52396 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52395 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52394 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-07 | LibVNCServer file transfer extension heap buffer overflow attempt RuleID : 52393 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52344 - Type : SERVER-OTHER - Revision : 1 |
| 2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52343 - Type : SERVER-OTHER - Revision : 1 |
| 2019-12-17 | Wget HTTP non-200 negative chunk-size buffer overflow attempt RuleID : 52235 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
| 2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
| 2019-12-05 | ISC BIND DHCP client DNAME resource record parsing denial of service attempt RuleID : 52078 - Type : SERVER-OTHER - Revision : 1 |
| 2019-12-03 | ZeroMQ libzmq stack-based buffer overflow attempt RuleID : 52037 - Type : SERVER-OTHER - Revision : 1 |
| 2019-11-19 | Ghostscript -dSAFER sandbox bypass attempt RuleID : 51945 - Type : FILE-OTHER - Revision : 1 |
| 2019-10-23 | PHP http fopen stack buffer overflow attempt RuleID : 51578 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-10-08 | Mozilla Firefox Custom Elements write-after-free attempt RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1 |
| 2019-09-24 | Ruby on Rails render file directory traversal attempt RuleID : 51261 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-09-24 | Ruby on Rails render file directory traversal attempt RuleID : 51260 - Type : SERVER-WEBAPP - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
| 2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2019-0059.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2019-0049.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote Debian host is missing a security update. File: debian_DLA-1634.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: A PHP application running on the remote web server is affected by multiple vu... File: drupal_8_6_6.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-e6ca5847c7.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO |
| 2019-01-15 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-337484d88b.nasl - Type: ACT_GATHER_INFO |
| 2019-01-15 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-b0f7a7b74b.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2019-1145.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2019-1146.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2019-1147.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Debian host is missing a security update. File: debian_DLA-1633.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4365.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO |
| 2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO |
