Summary
Detail | |||
---|---|---|---|
Vendor | Redhat | First view | 2006-10-05 |
Product | Enterprise Linux Eus | Last view | 2024-02-07 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2024-02-07 | CVE-2023-6536 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6535 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. |
7.5 | 2024-02-07 | CVE-2023-6356 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. |
6.5 | 2024-01-10 | CVE-2023-5455 | A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. |
7.8 | 2023-12-13 | CVE-2023-6377 | A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. |
4.4 | 2023-12-10 | CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. |
8.8 | 2023-12-10 | CVE-2023-5869 | A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory. |
4.3 | 2023-12-10 | CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. |
6.5 | 2023-11-06 | CVE-2023-42669 | A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task. |
7.5 | 2023-11-03 | CVE-2023-46848 | Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. |
7.5 | 2023-11-03 | CVE-2023-46847 | Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. |
5.3 | 2023-11-03 | CVE-2023-46846 | SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. |
6.5 | 2023-11-03 | CVE-2023-4091 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions. |
9.8 | 2023-11-03 | CVE-2023-3961 | A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes. |
7 | 2023-11-03 | CVE-2023-1476 | A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. |
7.8 | 2023-11-01 | CVE-2023-3972 | A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). |
7.8 | 2023-10-03 | CVE-2023-4911 | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. |
7.5 | 2023-09-27 | CVE-2023-5157 | A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service. |
5.9 | 2023-09-18 | CVE-2023-4806 | A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. |
6.5 | 2023-09-18 | CVE-2023-4527 | A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. |
5.9 | 2023-09-12 | CVE-2023-4813 | A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. |
6.5 | 2023-08-25 | CVE-2023-38201 | A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database. |
7.8 | 2023-08-23 | CVE-2023-3899 | A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root. |
7.8 | 2023-08-07 | CVE-2023-4147 | A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. |
7.5 | 2023-07-24 | CVE-2023-38200 | A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
14% (51) | CWE-416 | Use After Free |
13% (45) | CWE-787 | Out-of-bounds Write |
6% (22) | CWE-125 | Out-of-bounds Read |
6% (22) | CWE-20 | Improper Input Validation |
4% (17) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
4% (16) | CWE-190 | Integer Overflow or Wraparound |
4% (15) | CWE-476 | NULL Pointer Dereference |
3% (13) | CWE-200 | Information Exposure |
3% (12) | CWE-362 | Race Condition |
3% (12) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
3% (11) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (8) | CWE-269 | Improper Privilege Management |
2% (8) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
1% (5) | CWE-287 | Improper Authentication |
1% (5) | CWE-122 | Heap-based Buffer Overflow |
1% (5) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (4) | CWE-444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli... |
0% (3) | CWE-415 | Double Free |
0% (3) | CWE-295 | Certificate Issues |
0% (3) | CWE-276 | Incorrect Default Permissions |
0% (3) | CWE-203 | Information Exposure Through Discrepancy |
0% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
0% (2) | CWE-772 | Missing Release of Resource after Effective Lifetime |
0% (2) | CWE-755 | Improper Handling of Exceptional Conditions |
0% (2) | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-61 | Session Fixation |
CAPEC-62 | Cross Site Request Forgery (aka Session Riding) |
CAPEC-122 | Exploitation of Authorization |
CAPEC-180 | Exploiting Incorrectly Configured Access Control Security Levels |
CAPEC-232 | Exploitation of Privilege/Trust |
CAPEC-234 | Hijacking a privileged process |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:10128 | The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.... |
oval:org.mitre.oval:def:8349 | Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlR... |
oval:org.mitre.oval:def:10987 | PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl ... |
oval:org.mitre.oval:def:21702 | ELSA-2007:0395: mod_perl security update (Low) |
oval:org.mitre.oval:def:10154 | Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status mo... |
oval:org.mitre.oval:def:10719 | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2... |
oval:org.mitre.oval:def:9577 | The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_pr... |
oval:org.mitre.oval:def:6084 | HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service ... |
oval:org.mitre.oval:def:11713 | Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability |
oval:org.mitre.oval:def:9905 | QEMU 0.9.0 does not properly handle changes to removable media, which allows ... |
oval:org.mitre.oval:def:7873 | DSA-1799 qemu -- several vulnerabilities |
oval:org.mitre.oval:def:11182 | The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.... |
oval:org.mitre.oval:def:22656 | ELSA-2008:0885: kernel security and bug fix update (Important) |
oval:org.mitre.oval:def:9812 | libxml2 2.6.32 and earlier does not properly detect recursion during entity e... |
oval:org.mitre.oval:def:7968 | DSA-1631 libxml2 -- denial of service |
oval:org.mitre.oval:def:6496 | Libxml2 Recursive Entity Evaluation Bug Lets Remote Users Deny Service |
oval:org.mitre.oval:def:19740 | DSA-1631-1 libxml2 - denial of service |
oval:org.mitre.oval:def:17756 | USN-640-1 -- libxml2 vulnerability |
oval:org.mitre.oval:def:17731 | USN-644-1 -- libxml2 vulnerabilities |
oval:org.mitre.oval:def:21731 | ELSA-2008:0836: libxml2 security update (Moderate) |
oval:org.mitre.oval:def:29241 | RHSA-2008:0836 -- libxml2 security update (Moderate) |
oval:org.mitre.oval:def:9600 | The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on ... |
oval:org.mitre.oval:def:8508 | VMware kernel audit_syscall_entry function vulnerability |
oval:org.mitre.oval:def:8181 | DSA-1766 krb5 -- several vulnerabilities |
oval:org.mitre.oval:def:6301 | HP-UX Running Kerberos, Remote Denial of Service (DoS), Execution of Arbitrar... |
SAINT Exploits
Description | Link |
---|---|
Polkit pkexec privilege elevation | More info here |
Linux Dirty COW Local File Overwrite | More info here |
Oracle Java findMethod findClass Security Bypass | More info here |
Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78556 | Apache HTTP Server Status Code 400 Default Error Response httpOnly Cookie Dis... |
78293 | Apache HTTP Server Scoreboard Invalid Free Operation Local Security Bypass |
78225 | Linux Kernel net/ipv4/igmp.c igmp_heard_query() Function IGMP Query Parsing R... |
75652 | Qt src/3rdparty/harfbuzz/src/harfbuzz-gpos.c Font Handling Overflow |
74829 | SSL Chained Initialization Vector CBC Mode MiTM Weakness |
74695 | Google Chrome Double Free Unspecified libxml XPath Handling Issue |
74653 | Linux Kernel net/ipv4/inet_diag.c inet_diag_bc_audit() Function Local DoS |
73882 | Linux Kernel DCCP net/dccp/input.c dccp_rcv_state_process Function CLOSED End... |
73460 | Linux Kernel Bluetooth net/bluetooth/rfcomm/sock.c rfcomm_sock_getsockopt_old... |
73459 | Linux Kernel Bluetooth net/bluetooth/l2cap_sock.c l2cap_sock_getsockopt_old()... |
73046 | Linux Kernel fs/partitions/osf.c osf_partition Function Partition Table Parsi... |
73045 | Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG... |
73043 | Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo... |
73042 | Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG... |
72993 | Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ... |
71992 | Linux Kernel kernel/pid.c next_pidmap() Function Local DoS |
71653 | Linux Kernel rt_*sigqueueinfo() Functions SI_TKILL Signal Spoofing |
71649 | Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ... |
71480 | Linux Kernel cm_work_handler() Function InfiniBand Request Handling DoS |
69673 | Google Chrome XPath Handling Double-free Remote DoS |
60311 | Linux Kernel drivers/scsi/gdth.c gdth_read_event() Function IOCTL Handling Lo... |
60204 | CUPS scheduler/select.c cupsdDoSelect() Function Use-after-free DoS |
60201 | Linux Kernel megaraid_sas Driver poll_mode_io Permission Weakness I/O Mode Lo... |
59654 | Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local... |
59082 | Linux Kernel on x86_64 arch/x86/ia32/ia32entry.S 64-bit Mode ia32 Process Loc... |
ExploitDB Exploits
id | Description |
---|---|
33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
18378 | Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36) |
9575 | Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit |
9574 | Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (x86/x64) |
9542 | Linux Kernel 2.6 < 2.6.19 (32bit) ip_append_data() ring0 Root Exploit |
9479 | Linux Kernel 2.4/2.6 - sock_sendpage() ring0 Root Exploit (simple ver) |
9477 | Linux Kernel 2.x sock_sendpage() Local Root Exploit (Android Edition) |
OpenVAS Exploits
id | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2389_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities) File : nvt/deb_2427_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2462-2 (imagemagick - several vulnerabilities) File : nvt/deb_2462_2.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2534-1 (postgresql-8.4 - several vulnerabilities) File : nvt/deb_2534_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities) File : nvt/deb_2553_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities) File : nvt/deb_2583_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities) File : nvt/deb_2584_1.nasl |
2013-09-18 | Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities) File : nvt/deb_2588_1.nasl |
2012-12-31 | Name : Fedora Update for libtiff FEDORA-2012-20404 File : nvt/gb_fedora_2012_20404_libtiff_fc16.nasl |
2012-12-31 | Name : Fedora Update for libtiff FEDORA-2012-20446 File : nvt/gb_fedora_2012_20446_libtiff_fc17.nasl |
2012-12-26 | Name : CentOS Update for libtiff CESA-2012:1590 centos5 File : nvt/gb_CESA-2012_1590_libtiff_centos5.nasl |
2012-12-26 | Name : CentOS Update for libtiff CESA-2012:1590 centos6 File : nvt/gb_CESA-2012_1590_libtiff_centos6.nasl |
2012-12-26 | Name : RedHat Update for libtiff RHSA-2012:1590-01 File : nvt/gb_RHSA-2012_1590-01_libtiff.nasl |
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,) File : nvt/gb_suse_2012_0760_1.nasl |
2012-12-13 | Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox) File : nvt/gb_suse_2012_1064_1.nasl |
2012-12-13 | Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu) File : nvt/gb_suse_2012_1170_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security) File : nvt/gb_suse_2012_1172_1.nasl |
2012-12-13 | Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security) File : nvt/gb_suse_2012_1174_1.nasl |
2012-12-13 | Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox) File : nvt/gb_suse_2012_1345_1.nasl |
2012-12-13 | Name : SuSE Update for Mozilla Suite openSUSE-SU-2012:1412-1 (Mozilla Suite) File : nvt/gb_suse_2012_1412_1.nasl |
2012-12-13 | Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN) File : nvt/gb_suse_2012_1572_1.nasl |
2012-12-06 | Name : CentOS Update for kernel CESA-2012:1540 centos5 File : nvt/gb_CESA-2012_1540_kernel_centos5.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0202 | Citrix XenServer Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0061343 |
2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity: Category I - VMSKEY: V0061337 |
2015-A-0149 | Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance Severity: Category I - VMSKEY: V0061101 |
2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2014-A-0064 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0050011 |
2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
2014-A-0055 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0049585 |
2014-A-0043 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0046769 |
2014-A-0030 | Apple Mac OS X Security Update 2014-001 Severity: Category I - VMSKEY: V0044547 |
2014-A-0021 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0043921 |
2014-A-0011 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0043399 |
2014-A-0009 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0043395 |
2013-A-0233 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0042596 |
2013-A-0199 | Multiple Vulnerabilities in Oracle Fusion Middleware Severity: Category I - VMSKEY: V0040786 |
2013-A-0200 | Multiple Vulnerabilities in Oracle Java Severity: Category I - VMSKEY: V0040783 |
2013-A-0191 | Multiple Vulnerabilities in Java for Mac OS X Severity: Category I - VMSKEY: V0040779 |
2013-A-0177 | Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform Severity: Category I - VMSKEY: V0040288 |
2013-A-0146 | Multiple Security Vulnerabilities in Apache HTTP Server Severity: Category I - VMSKEY: V0039573 |
2013-B-0044 | MIT Kerberos Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0037773 |
2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0035032 |
2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
2012-A-0148 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0033794 |
2012-A-0048 | Multiple Vulnerabilities in VMware vCenter Update Manager 5.0 Severity: Category I - VMSKEY: V0031901 |
2012-A-0020 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0031252 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1 |
2020-01-14 | IonMonkey MArraySlice buffer overflow attempt RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1 |
2019-12-05 | ISC BIND DHCP client DNAME resource record parsing denial of service attempt RuleID : 52078 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | MIT Kerberos kpasswd UDP denial of service attempt RuleID : 51212 - Type : SERVER-OTHER - Revision : 1 |
2019-05-21 | Oracle Java privileged protection domain exploitation attempt RuleID : 49846 - Type : FILE-JAVA - Revision : 1 |
2019-05-21 | Oracle Java privileged protection domain exploitation attempt RuleID : 49845 - Type : FILE-JAVA - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48855 - Type : PROTOCOL-OTHER - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0758 attack attempt RuleID : 48854 - Type : PROTOCOL-OTHER - Revision : 1 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48052 - Type : BROWSER-IE - Revision : 6 |
2018-11-08 | Multiple browsers memory corruption attempt RuleID : 48051 - Type : BROWSER-IE - Revision : 6 |
2018-02-22 | OpenLDAP zero size PagedResultsControl denial of service attempt RuleID : 45513 - Type : SERVER-OTHER - Revision : 1 |
2018-01-18 | Multiple browser pressure function denial of service attempt RuleID : 45206 - Type : BROWSER-FIREFOX - Revision : 3 |
2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45119 - Type : SERVER-MAIL - Revision : 3 |
2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45118 - Type : SERVER-MAIL - Revision : 3 |
2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45116 - Type : SERVER-MAIL - Revision : 4 |
2018-01-10 | Multiple products non-ascii sender address spoofing attempt RuleID : 45115 - Type : SERVER-MAIL - Revision : 4 |
2017-12-13 | Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ... RuleID : 44808 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2017-08-17 | Apache httpd ap_find_token buffer overread attempt RuleID : 43587 - Type : SERVER-WEBAPP - Revision : 5 |
2017-04-12 | SSL/TLS weak RC4 cipher suite use attempt RuleID : 41907 - Type : POLICY-OTHER - Revision : 3 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40566 - Type : OS-LINUX - Revision : 2 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40565 - Type : OS-LINUX - Revision : 2 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40564 - Type : OS-LINUX - Revision : 2 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40563 - Type : OS-LINUX - Revision : 2 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40562 - Type : OS-LINUX - Revision : 2 |
2016-11-30 | Linux kernel madvise race condition attempt RuleID : 40561 - Type : OS-LINUX - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote Fedora host is missing a security update. File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote device is missing a vendor-supplied security patch. File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-07 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0259281ab6.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-0edb45d9db.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-44f8a7454d.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-46d7a7f63e.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-50075276e8.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-527698a904.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-5453baa4af.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-5521156807.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO |