Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 1996-07-16 |
Product | Enterprise Linux | Last view | 2024-07-09 |
Version | 7 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.5 | 2024-07-09 | CVE-2024-6237 | A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. |
6.8 | 2024-07-05 | CVE-2024-6505 | A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host. |
8.1 | 2024-07-01 | CVE-2024-6387 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. |
7.5 | 2024-06-21 | CVE-2024-6239 | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. |
5.9 | 2024-06-06 | CVE-2024-3049 | A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. |
5.5 | 2024-04-10 | CVE-2024-3567 | A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. |
7.5 | 2024-02-14 | CVE-2023-50387 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. |
7.5 | 2024-02-07 | CVE-2023-6536 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6535 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6356 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. |
3.3 | 2024-02-06 | CVE-2024-1048 | A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks. |
5.5 | 2024-02-06 | CVE-2024-0690 | An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. |
5.3 | 2024-02-05 | CVE-2023-7216 | A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. |
7.5 | 2024-02-05 | CVE-2023-50782 | A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. |
7.5 | 2024-02-05 | CVE-2023-50781 | A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. |
6.5 | 2024-02-04 | CVE-2023-6240 | A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. |
5.9 | 2024-01-31 | CVE-2024-0914 | A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. |
5.9 | 2024-01-31 | CVE-2023-5992 | A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. |
6.5 | 2024-01-30 | CVE-2024-0564 | A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share". Through these operations, the attacker can leak the victim's page. |
5.1 | 2024-01-29 | CVE-2023-40551 | A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase. |
5.5 | 2024-01-29 | CVE-2023-40550 | An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase. |
5.5 | 2024-01-29 | CVE-2023-40549 | An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. |
5.5 | 2024-01-29 | CVE-2023-40546 | A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances. |
7.8 | 2024-01-28 | CVE-2024-0841 | A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. |
7.5 | 2024-01-25 | CVE-2023-52356 | A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
10% (121) | CWE-416 | Use After Free |
10% (120) | CWE-787 | Out-of-bounds Write |
8% (103) | CWE-125 | Out-of-bounds Read |
5% (68) | CWE-476 | NULL Pointer Dereference |
5% (68) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
5% (63) | CWE-20 | Improper Input Validation |
3% (46) | CWE-200 | Information Exposure |
3% (46) | CWE-190 | Integer Overflow or Wraparound |
3% (44) | CWE-362 | Race Condition |
2% (30) | CWE-264 | Permissions, Privileges, and Access Controls |
2% (24) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (24) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (22) | CWE-399 | Resource Management Errors |
1% (21) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
1% (20) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
1% (19) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (17) | CWE-189 | Numeric Errors |
1% (14) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
1% (13) | CWE-617 | Reachable Assertion |
1% (12) | CWE-287 | Improper Authentication |
1% (12) | CWE-203 | Information Exposure Through Discrepancy |
0% (11) | CWE-295 | Certificate Issues |
0% (10) | CWE-122 | Heap-based Buffer Overflow |
0% (9) | CWE-369 | Divide By Zero |
0% (8) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-6 | Argument Injection |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-15 | Command Delimiters |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-23 | File System Function Injection, Content Based |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
CAPEC-139 | Relative Path Traversal |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:1160 | Safe.PM Unsafe Code Execution Vulnerability |
oval:org.mitre.oval:def:10736 | The Internet Group Management Protocol (IGMP) allows local users to cause a d... |
oval:org.mitre.oval:def:664 | Code Execution Vulnerability in XPDF PDF Viewer |
oval:org.mitre.oval:def:113 | X Display Manager Control Protocol Denial of Service |
oval:org.mitre.oval:def:129 | GDM X Display Manager Authorization Vulnerability |
oval:org.mitre.oval:def:387 | C-Media Sound Driver Userspace Access Vulnerability II |
oval:org.mitre.oval:def:11337 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us... |
oval:org.mitre.oval:def:9707 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.... |
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
oval:org.mitre.oval:def:846 | Red Hat gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:845 | Red Hat Enterprise 3 gdk-pixbuf Denial of Service |
oval:org.mitre.oval:def:10574 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ... |
oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:971 | libpng Malformed PNG Image Vulnerability |
oval:org.mitre.oval:def:11710 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta... |
SAINT Exploits
Description | Link |
---|---|
libssh authentication bypass | More info here |
Red Hat DHCP client NetworkManager integration script command injection | More info here |
Polkit pkexec privilege elevation | More info here |
Bash environment variable code injection over HTTP | More info here |
Bash Environment Variable Handling Shell Command Injection Via CUPS | More info here |
ShellShock DHCP Server | More info here |
Linux Dirty COW Local File Overwrite | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78302 | Linux Kernel m_stop() Implementation Local DoS |
77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
77571 | Linux Kernel be2net VLAN Packet Parsing Remote DoS |
77558 | virt-v2v Guest Conversion VNC Password Local Authentication Bypass |
77485 | Linux Kernel /mm/oom_kill.c Local Overflow |
77294 | Linux Kernel VLAN 0 Frame Priority Tag Parsing Remote DoS |
76805 | Linux Kernel net/core/net_namespace.c Network Namespace Cleanup Weakness Remo... |
76058 | Samba mtab Lock File Handling Local DoS |
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
75714 | Linux Kernel AuerswaldPBX/System Telephone USB Driver Privilege Escalation |
75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
75279 | Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca... |
74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
74646 | ConsoleKit VNC Session is-local Property Handling Remote Privilege Escalation |
74150 | Drupal Comment Attachment Access Restriction Bypass |
73748 | udisks mount(8) Command Arbitrary Kernel Module Loading |
73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
72541 | Red Hat policycoreutils seunshare sandbox/seunshare.c seunshare_mount Functio... |
ExploitDB Exploits
id | Description |
---|---|
35146 | PHP 5.x Shellshock Exploit (bypass disable_functions) |
35115 | CUPS Filter Bash Environment Variable Code Injection |
34879 | OpenVPN 2.2.29 - ShellShock Exploit |
34860 | GNU bash 4.3.11 Environment Variable dhclient Exploit |
34839 | IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injecti... |
34777 | GNU bash Environment Variable Command Injection (MSF) |
33894 | Python CGIHTTPServer Encoded Path Traversal |
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
27778 | Samba nttrans Reply - Integer Overflow Vulnerability |
24259 | Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne... |
22406 | Konqueror 4.7.3 Memory Corruption |
15285 | Linux RDS Protocol Local Privilege Escalation |
11203 | Pidgin MSN <= 2.6.4 File Download Vulnerability |
5167 | X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit |
4601 | Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit |
718 | Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit |
374 | SoX Local Buffer Overflow Exploiter (Via Crafted WAV File) |
OpenVAS Exploits
id | Description |
---|---|
2014-10-16 | Name : POODLE SSLv3 Protocol CBC ciphers Information Disclosure Vulnerability File : nvt/gb_poodel_sslv3_info_disc_vuln.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-12-28 | Name : Wireshark Multiple Vulnerabilities-01 Dec 2012 (Mac OS X) File : nvt/gb_wireshark_mult_vuln01_dec12_macosx.nasl |
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X) File : nvt/gb_libreoffice_graphic_object_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows) File : nvt/gb_libreoffice_graphic_object_bof_vuln_win.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_macosx.nasl |
2012-12-24 | Name : LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Windows) File : nvt/gb_libreoffice_xml_manifest_bof_vuln_win.nasl |
2012-12-24 | Name : OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows) File : nvt/gb_openoffice_mult_bof_vuln_dec12_win.nasl |
2012-12-18 | Name : Fedora Update for kernel FEDORA-2012-20240 File : nvt/gb_fedora_2012_20240_kernel_fc16.nasl |
2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-11-29 | Name : Fedora Update for kernel FEDORA-2012-18691 File : nvt/gb_fedora_2012_18691_kernel_fc16.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-09 | Name : CentOS Update for kernel CESA-2012:1426 centos6 File : nvt/gb_CESA-2012_1426_kernel_centos6.nasl |
2012-11-09 | Name : RedHat Update for kernel RHSA-2012:1426-01 File : nvt/gb_RHSA-2012_1426-01_kernel.nasl |
2012-11-06 | Name : Fedora Update for kernel FEDORA-2012-17479 File : nvt/gb_fedora_2012_17479_kernel_fc16.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1416 centos6 File : nvt/gb_CESA-2012_1416_kdelibs_centos6.nasl |
2012-11-02 | Name : CentOS Update for kdelibs CESA-2012:1418 centos6 File : nvt/gb_CESA-2012_1418_kdelibs_centos6.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2015-A-0154 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0061081 |
2015-B-0083 | Multiple Vulnerabilities in IBM Storwize V7000 Unified Severity: Category I - VMSKEY: V0060983 |
2015-A-0115 | QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability Severity: Category II - VMSKEY: V0060741 |
2015-A-0113 | Multiple Vulnerabilities in Juniper Networks CTPOS Severity: Category I - VMSKEY: V0060737 |
2015-A-0112 | Oracle Linux & Virtualization Buffer Overflow Vulnerability Severity: Category I - VMSKEY: V0060735 |
2015-A-0042 | Samba Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0058919 |
2015-A-0038 | Multiple Vulnerabilities in GNU C Library (glibc) Severity: Category I - VMSKEY: V0058753 |
2015-B-0012 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0058517 |
2015-B-0013 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0058515 |
2015-B-0014 | Multiple Vulnerabilities in VMware ESXi 5.5 Severity: Category I - VMSKEY: V0058513 |
2014-A-0172 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0057381 |
2014-A-0142 | GNU Bash Shell Code Execution Vulnerability Severity: Category I - VMSKEY: V0054753 |
2014-B-0105 | Samba Remote Code Execution Severity: Category I - VMSKEY: V0053637 |
2014-B-0103 | Multiple Vulnerabilities in VMware Horizon View Client Severity: Category I - VMSKEY: V0053509 |
2014-B-0102 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.5 Severity: Category I - VMSKEY: V0053507 |
2014-B-0101 | Multiple Vulnerabilities in VMware vCenter Converter Standalone 5.1 Severity: Category I - VMSKEY: V0053505 |
2014-A-0115 | Multiple Vulnerabilities in VMware Horizon View Severity: Category I - VMSKEY: V0053501 |
2014-B-0097 | Multiple Vulnerabilities in VMware ESXi 5.0 Severity: Category I - VMSKEY: V0053319 |
2014-A-0099 | Multiple Vulnerabilities in McAfee Email Gateway Severity: Category I - VMSKEY: V0053203 |
2014-A-0100 | Multiple Vulnerabilities in McAfee VirusScan Enterprise for Linux Severity: Category I - VMSKEY: V0053201 |
2014-A-0103 | Multiple Vulnerabilities in Oracle E-Business Severity: Category I - VMSKEY: V0053195 |
2014-A-0105 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0053191 |
2014-A-0109 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0053183 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52626 - Type : SERVER-OTHER - Revision : 1 |
2020-02-25 | OpenSSL anonymous ECDH denial of service attempt RuleID : 52625 - Type : SERVER-OTHER - Revision : 1 |
2020-01-21 | OpenSSL SSL ChangeCipherSpec man-in-the-middle attempt RuleID : 52487 - Type : SERVER-OTHER - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52133 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | Libmspack cabd_sys_read_block off-by-one heap overflow attempt RuleID : 52132 - Type : FILE-OTHER - Revision : 2 |
2019-12-10 | PHP FPM env_path_info buffer underflow attempt RuleID : 52123 - Type : SERVER-WEBAPP - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Type : SERVER-OTHER - Revision : 1 |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Type : SERVER-OTHER - Revision : 1 |
2019-10-25 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022-community - Type : OS-LINUX - Revision : 1 |
2019-11-26 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 52022 - Type : OS-LINUX - Revision : 1 |
2019-11-03 | HAProxy H2 Frame heap memory corruption attempt RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51291 - Type : OS-MOBILE - Revision : 1 |
2019-09-26 | Google Android Kernel local denial of service attempt RuleID : 51290 - Type : OS-MOBILE - Revision : 1 |
2019-09-10 | nfs-utils TCP connection termination denial-of-service attempt RuleID : 50913 - Type : SERVER-OTHER - Revision : 1 |
2019-08-31 | Postfix IPv6 Relaying Security Issue RuleID : 50859 - Type : SERVER-MAIL - Revision : 1 |
2019-03-19 | Multiple products runc arbitrary code execution attempt RuleID : 49195 - Type : SERVER-OTHER - Revision : 2 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48855 - Type : PROTOCOL-OTHER - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48854 - Type : PROTOCOL-OTHER - Revision : 1 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48052 - Type : BROWSER-IE - Revision : 6 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48051 - Type : BROWSER-IE - Revision : 6 |
2018-05-30 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847-community - Type : OS-LINUX - Revision : 1 |
2018-07-03 | Red Hat NetworkManager DHCP client command injection attempt RuleID : 46847 - Type : OS-LINUX - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Debian host is missing a security update. File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Fedora host is missing a security update. File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1141.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1143.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0259281ab6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |