Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 1996-07-16 |
Product | Enterprise Linux | Last view | 2024-11-12 |
Version | 5 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.3 | 2024-11-12 | CVE-2024-49395 | In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. |
5.3 | 2024-11-12 | CVE-2024-49394 | In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. |
5.9 | 2024-11-12 | CVE-2024-49393 | In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. |
7.8 | 2024-10-29 | CVE-2024-50074 | In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size, not the actually output size, the length calculation can still go over the given limit. Use scnprintf() instead of snprintf(), which returns the actually output letters, for addressing the potential out-of-bounds access properly. |
6.5 | 2024-10-15 | CVE-2024-9676 | A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. |
0 | 2024-10-09 | CVE-2024-9675 | A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. |
8.2 | 2024-10-01 | CVE-2024-9341 | A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. |
0 | 2024-09-19 | CVE-2024-8354 | A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. |
0 | 2024-09-10 | CVE-2024-8443 | A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution. |
3.9 | 2024-09-03 | CVE-2024-45620 | A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. |
4.3 | 2024-09-03 | CVE-2024-45619 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. |
3.9 | 2024-09-03 | CVE-2024-45618 | A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. |
3.9 | 2024-09-03 | CVE-2024-45617 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. |
3.9 | 2024-09-03 | CVE-2024-45616 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card. |
3.9 | 2024-09-03 | CVE-2024-45615 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.). |
7.5 | 2024-08-19 | CVE-2024-44070 | An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. |
7.5 | 2024-08-12 | CVE-2024-7006 | A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. |
0 | 2024-08-02 | CVE-2024-3056 | A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system. |
6.5 | 2024-07-09 | CVE-2024-6237 | A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. |
0 | 2024-07-05 | CVE-2024-6505 | A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host. |
8.1 | 2024-07-01 | CVE-2024-6387 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. |
7.5 | 2024-06-21 | CVE-2024-6239 | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. |
0 | 2024-06-12 | CVE-2024-5742 | A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. |
8.1 | 2024-06-12 | CVE-2024-3183 | A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). |
5.9 | 2024-06-06 | CVE-2024-3049 | A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
10% (115) | CWE-787 | Out-of-bounds Write |
10% (111) | CWE-416 | Use After Free |
8% (91) | CWE-125 | Out-of-bounds Read |
5% (64) | CWE-476 | NULL Pointer Dereference |
5% (61) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5% (56) | CWE-20 | Improper Input Validation |
4% (43) | CWE-362 | Race Condition |
4% (43) | CWE-190 | Integer Overflow or Wraparound |
3% (42) | CWE-200 | Information Exposure |
2% (30) | CWE-264 | Permissions, Privileges, and Access Controls |
2% (23) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
2% (22) | CWE-399 | Resource Management Errors |
1% (21) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
1% (18) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
1% (17) | CWE-189 | Numeric Errors |
1% (16) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (14) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
1% (12) | CWE-287 | Improper Authentication |
1% (12) | CWE-203 | Information Exposure Through Discrepancy |
1% (12) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
0% (10) | CWE-617 | Reachable Assertion |
0% (10) | CWE-295 | Certificate Issues |
0% (8) | CWE-269 | Improper Privilege Management |
0% (7) | CWE-770 | Allocation of Resources Without Limits or Throttling |
0% (7) | CWE-755 | Improper Handling of Exceptional Conditions |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-6 | Argument Injection |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-15 | Command Delimiters |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-23 | File System Function Injection, Content Based |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
CAPEC-139 | Relative Path Traversal |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:1160 | Safe.PM Unsafe Code Execution Vulnerability |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
oval:org.mitre.oval:def:113 | X Display Manager Control Protocol Denial of Service |
oval:org.mitre.oval:def:129 | GDM X Display Manager Authorization Vulnerability |
oval:org.mitre.oval:def:387 | C-Media Sound Driver Userspace Access Vulnerability II |
oval:org.mitre.oval:def:11337 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us... |
oval:org.mitre.oval:def:9707 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.... |
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
oval:org.mitre.oval:def:846 | Red Hat gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:845 | Red Hat Enterprise 3 gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:10574 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ... |
oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:971 | libpng Malformed PNG Image Vulnerability |
oval:org.mitre.oval:def:11710 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta... |
SAINT Exploits
Description | Link |
---|---|
libssh authentication bypass | More info here |
Red Hat DHCP client NetworkManager integration script command injection | More info here |
Polkit pkexec privilege elevation | More info here |
Bash environment variable code injection over HTTP | More info here |
Bash Environment Variable Handling Shell Command Injection Via CUPS | More info here |
ShellShock DHCP Server | More info here |
Linux Dirty COW Local File Overwrite | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78302 | Linux Kernel m_stop() Implementation Local DoS |
77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
77558 | virt-v2v Guest Conversion VNC Password Local Authentication Bypass |
77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
77294 | Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS |
76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
76058 | Samba mtab Lock File Handling Local DoS |
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
75714 | Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation |
75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
74150 | Drupal Comment Attachment Access Restriction Bypass |
73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
72541 | Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio... |
ExploitDB Exploits
id | Description |
---|---|
35146 | PHP 5.x Shellshock Exploit (bypass disable_functions) |
35115 | CUPS Filter Bash Environment Variable Code Injection |
34879 | OpenVPN 2.2.29 - ShellShock Exploit |
34860 | GNU bash 4.3.11 Environment Variable dhclient Exploit |
34839 | IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injecti... |
34777 | GNU bash Environment Variable Command Injection (MSF) |
33894 | Python CGIHTTPServer Encoded Path Traversal |
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
27778 | Samba nttrans Reply - Integer Overflow Vulnerability |
24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
22406 | Konqueror 4.7.3 Memory Corruption |
15285 | Linux RDS Protocol Local Privilege Escalation |
11203 | Pidgin MSN <= 2.6.4 File Download Vulnerability |
5167 | X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit |
4601 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
374 | SoX Local Buffer Overflow Exploiter (Via Crafted WAV File) |
OpenVAS Exploits
id | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Windows) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_win.nasl |
2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-09 | Name : CentOS Update for kernel CESA-2012:1426 centos6 File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl |
2012-11-09 | Name : RedHat Update for kernel RHSA-2012:1426-01 File : nvt/gb_RHSA-2012_1426-01_kernel.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
2015-B-0083 | Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity: Category I - VMSKEY: V0060983 |
2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity: Category I - VMSKEY: V0060737 |
2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
2015-A-0042 | Samba Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0058919 |
2015-A-0038 | Multiple Vulnerabilities in GNU C Library (glibc) Severity: Category I - VMSKEY: V0058753 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0057381 |
2014-A-0142 | GNU Bash Shell Code Execution Vulnerability Severity: Category I - VMSKEY: V0054753 |
2014-B-0105 | Samba Remote Code Execution Severity: Category I - VMSKEY: V0053637 |
2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0053509 |
2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity: Category I - VMSKEY: V0053507 |
2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity: Category I - VMSKEY: V0053505 |
2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity: Category I - VMSKEY: V0053501 |
2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0053319 |
2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity: Category I - VMSKEY: V0053203 |
2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0053201 |
2014-A-0103 | Multiple Vulnerabilities in Oracle E-Business Severity: Category I - VMSKEY: V0053195 |
2014-A-0105 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0053191 |
2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0053183 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Type : SERVER-OTHER - Revision : 1 |
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Type : SERVER-OTHER - Revision : 1 |
2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Type : SERVER-OTHER - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | PHP FPM env_path_info buffer underflow attempt RuleID : 52123 - Type : SERVER-WEBAPP - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Type : SERVER-OTHER - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Type : SERVER-OTHER - Revision : 1 |
2019-10-25 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022-community - Type : OS-LINUX - Revision : 1 |
2019-11-26 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022 - Type : OS-LINUX - Revision : 1 |
2019-11-03 | HAProxy H2 Frame heap memory corruption attempt RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51291 - Type : OS-MOBILE - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51290 - Type : OS-MOBILE - Revision : 1 |
2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Type : SERVER-OTHER - Revision : 2 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48855 - Type : PROTOCOL-OTHER - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48854 - Type : PROTOCOL-OTHER - Revision : 1 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48052 - Type : BROWSER-IE - Revision : 6 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48051 - Type : BROWSER-IE - Revision : 6 |
2018-05-30 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847-community - Type : OS-LINUX - Revision : 1 |
2018-07-03 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847 - Type : OS-LINUX - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1141.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0259281ab6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |