Summary
| Detail | |||
|---|---|---|---|
| Vendor | Suse | First view | 2008-07-08 |
| Product | Suse Linux Enterprise Server | Last view | 2020-07-29 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.4 | 2020-07-29 | CVE-2020-15707 | Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. |
| 6.4 | 2020-07-29 | CVE-2020-15706 | GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. |
| 6.4 | 2020-07-29 | CVE-2020-15705 | GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. |
| 8.8 | 2020-03-23 | CVE-2020-6449 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 8.8 | 2020-03-23 | CVE-2020-6429 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 8.8 | 2020-03-23 | CVE-2020-6428 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 8.8 | 2020-03-23 | CVE-2020-6427 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 6.5 | 2020-03-23 | CVE-2020-6426 | Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 8.8 | 2020-03-23 | CVE-2020-6424 | Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 8.8 | 2020-03-23 | CVE-2020-6422 | Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| 2.5 | 2020-03-02 | CVE-2020-8013 | A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1. |
| 9.8 | 2020-03-02 | CVE-2019-18903 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62. |
| 9.8 | 2020-03-02 | CVE-2019-18902 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62. |
| 5.5 | 2020-03-02 | CVE-2019-18901 | A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1. |
| 7.8 | 2020-03-02 | CVE-2019-18897 | A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions. |
| 4.9 | 2020-02-04 | CVE-2019-15624 | Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. |
| 5.5 | 2020-01-27 | CVE-2018-20105 | A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2. |
| 6.5 | 2020-01-23 | CVE-2015-5239 | Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. |
| 8.8 | 2020-01-09 | CVE-2020-5504 | In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. |
| 7.1 | 2019-10-07 | CVE-2019-3688 | The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary |
| 8.8 | 2018-11-29 | CVE-2018-19655 | A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. |
| 7.5 | 2018-11-28 | CVE-2018-12122 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. |
| 7.5 | 2018-11-28 | CVE-2018-12116 | Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. |
| 6.5 | 2018-11-12 | CVE-2018-19208 | In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. |
| 7.5 | 2018-11-07 | CVE-2018-19052 | An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 13% (16) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (13) | CWE-416 | Use After Free |
| 9% (11) | CWE-787 | Out-of-bounds Write |
| 6% (8) | CWE-200 | Information Exposure |
| 5% (7) | CWE-476 | NULL Pointer Dereference |
| 5% (7) | CWE-362 | Race Condition |
| 4% (5) | CWE-269 | Improper Privilege Management |
| 4% (5) | CWE-17 | Code |
| 3% (4) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 2% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 2% (3) | CWE-190 | Integer Overflow or Wraparound |
| 2% (3) | CWE-189 | Numeric Errors |
| 2% (3) | CWE-125 | Out-of-bounds Read |
| 2% (3) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 2% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 2% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 2% (3) | CWE-20 | Improper Input Validation |
| 1% (2) | CWE-310 | Cryptographic Issues |
| 1% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (1) | CWE-672 | Operation on a Resource after Expiration or Release |
| 0% (1) | CWE-532 | Information Leak Through Log Files |
| 0% (1) | CWE-417 | Channel and Path Errors |
| 0% (1) | CWE-415 | Double Free |
| 0% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-60 | Reusing Session IDs (aka Session Replay) |
| CAPEC-61 | Session Fixation |
| CAPEC-62 | Cross Site Request Forgery (aka Session Riding) |
| CAPEC-122 | Exploitation of Authorization |
| CAPEC-180 | Exploiting Incorrectly Configured Access Control Security Levels |
| CAPEC-232 | Exploitation of Privilege/Trust |
| CAPEC-234 | Hijacking a privileged process |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:6633 | Linux Kernel TTY Operations NULL Pointer Dereference Denial of Service Vulner... |
| oval:org.mitre.oval:def:11632 | The Linux kernel before 2.6.25.10 does not properly perform tty operations, w... |
| oval:org.mitre.oval:def:22645 | ELSA-2008:0612: kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:28983 | RHSA-2008:0612 -- kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:8183 | DSA-1630 linux-2.6 -- denial of service/information leak |
| oval:org.mitre.oval:def:6551 | Linux Kernel UBIFS Orphan Inode Local Denial of Service Vulnerability |
| oval:org.mitre.oval:def:18465 | DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities |
| oval:org.mitre.oval:def:10744 | The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs ... |
| oval:org.mitre.oval:def:29129 | RHSA-2008:0885 -- kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:10053 | fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does no... |
| oval:org.mitre.oval:def:13014 | USN-841-1 -- glib2.0 vulnerability |
| oval:org.mitre.oval:def:9921 | net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local user... |
| oval:org.mitre.oval:def:7937 | DSA-1928 linux-2.6.24 -- privilege escalation/denial of service/sensitive mem... |
| oval:org.mitre.oval:def:6895 | Linux Kernel 'unix_stream_connect()' Local Denial of Service Vulnerability |
| oval:org.mitre.oval:def:13735 | DSA-1929-1 linux-2.6 -- privilege escalation/denial of service/sensitive memo... |
| oval:org.mitre.oval:def:13351 | DSA-1928-1 linux-2.6.24 -- privilege escalation/denial of service/sensitive m... |
| oval:org.mitre.oval:def:9327 | Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 a... |
| oval:org.mitre.oval:def:7608 | Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability |
| oval:org.mitre.oval:def:11513 | Service Console update for COS kernel |
| oval:org.mitre.oval:def:11434 | Vulnerability in rendering/FixedTableLayout.cpp in WebCore in WebKit in Googl... |
| oval:org.mitre.oval:def:11861 | Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in ... |
| oval:org.mitre.oval:def:11948 | Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0... |
| oval:org.mitre.oval:def:20326 | Third party component updates for VMware vCenter Server, vCenter Update Manag... |
| oval:org.mitre.oval:def:22091 | RHSA-2010:0610: kernel security and bug fix update (Important) |
| oval:org.mitre.oval:def:19850 | Third party component updates for VMware vCenter Server, vCenter Update Manag... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 74661 | Linux Kernel mount.cifs Password Protected Mounted CIFS Share Hijacking Weakness |
| 69673 | Google Chrome XPath Handling Double-free Remote DoS |
| 69205 | libxml2 Crafted XML File XPath Axis Traversal DoS |
| 69003 | Linux Kernel KVM Memory arch/x86/kvm/x86.c Multiple Function Memory Content D... |
| 68213 | Linux Kernel on 64-bit include/asm/compat.h compat_alloc_user_space Function ... |
| 68173 | Linux Kernel net/sched/act_skbedit.c tcf_skbedit_dump Function Network Queuei... |
| 68172 | Linux Kernel net/sched/act_simple.c tcf_simp_dump Function Network Queueing A... |
| 68171 | Linux Kernel net/sched/act_nat.c tcf_nat_dump Function Network Queueing Actio... |
| 68170 | Linux Kernel net/sched/act_mirred.c tcf_mirred_dump Function Network Queueing... |
| 68169 | Linux Kernel net/sched/act_gact.c tcf_gact_dump Function Network Queueing Act... |
| 67916 | Linux Kernel fs/btrfs/ioctl.c btrfs_ioctl_clone Function Arbitrary File Overw... |
| 67896 | Linux Kernel L2TP drivers/net/pppol2tp.c pppol2tp_xmit Function Routing Chang... |
| 67892 | Linux Kernel fs/ext4/move_extent.c mext_check_arguments Function MOVE_EXT IOC... |
| 67881 | Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack... |
| 67775 | Linux Kernel security/keys/keyctl.c keyctl_session_to_parent() Function NULL ... |
| 67366 | Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R... |
| 66582 | Linux Kernel CIFS DNS Resolver Lookup Results Keyring Cache Poisoning Weakness |
| 65407 | Google Chrome WebKit WebCore rendering/FixedTableLayout.cpp Table Layout Memo... |
| 65402 | Google Chrome WebKit WebCore editing/markup.cpp Textarea innerHTML Property XSS |
| 65401 | Google Chrome WebKit WebCore Font Handling Use-after-free Memory Corruption |
| 59654 | Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local... |
| 59210 | Linux Kernel net/unix/af_unix.c AF_UNIX Socket Reconnect Local DoS |
| 58345 | glib g_file_copy Function Symlink Arbitrary File Permission Modification |
| 48466 | Linux Kernel dio Subsystem fs/direct-io.c Local DoS |
| 47788 | Linux Kernel VFS fs/namei.c Multiple Function Local DoS |
ExploitDB Exploits
| id | Description |
|---|---|
| 33516 | Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-2003 File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-15 (libpng) File : nvt/glsa_201206_15.nasl |
| 2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl |
| 2012-08-02 | Name : SuSE Update for mozilla-xulrunner192 openSUSE-SU-2012:0297-1 (mozilla-xulrunn... File : nvt/gb_suse_2012_0297_1.nasl |
| 2012-08-02 | Name : SuSE Update for libpng12 openSUSE-SU-2012:0316-1 (libpng12) File : nvt/gb_suse_2012_0316_1.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0017 centos5 File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0140 centos6 File : nvt/gb_CESA-2012_0140_thunderbird_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for seamonkey CESA-2012:0141 centos4 File : nvt/gb_CESA-2012_0141_seamonkey_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for firefox CESA-2012:0142 centos4 File : nvt/gb_CESA-2012_0142_firefox_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for xulrunner CESA-2012:0143 centos5 File : nvt/gb_CESA-2012_0143_xulrunner_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for xulrunner CESA-2012:0143 centos6 File : nvt/gb_CESA-2012_0143_xulrunner_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for libpng10 CESA-2012:0317 centos4 File : nvt/gb_CESA-2012_0317_libpng10_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos4 File : nvt/gb_CESA-2012_0317_libpng_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos5 File : nvt/gb_CESA-2012_0317_libpng_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos6 File : nvt/gb_CESA-2012_0317_libpng_centos6.nasl |
| 2012-07-13 | Name : VMSA-2012-0012 VMware ESXi update addresses several security issues. File : nvt/gb_VMSA-2012-0012.nasl |
| 2012-07-09 | Name : RedHat Update for libxml2 RHSA-2011:1749-03 File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl |
| 2012-07-09 | Name : RedHat Update for thunderbird RHSA-2012:0140-01 File : nvt/gb_RHSA-2012_0140-01_thunderbird.nasl |
| 2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity: Category I - VMSKEY: V0061089 |
| 2014-A-0064 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0050011 |
| 2014-A-0043 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0046769 |
| 2014-A-0021 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0043921 |
| 2013-A-0233 | Multiple Vulnerabilities in Mozilla Products Severity: Category I - VMSKEY: V0042596 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
| 2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032171 |
| 2011-A-0147 | Multiple Vulnerabilities in VMware ESX and ESXi Severity: Category I - VMSKEY: V0030545 |
| 2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
| 2010-B-0085 | Linux Kernel Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0025410 |
| 2009-A-0105 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0021867 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-02-20 | Intel x64 side-channel analysis information leak attempt RuleID : 45444 - Type : OS-OTHER - Revision : 2 |
| 2018-02-20 | Intel x64 side-channel analysis information leak attempt RuleID : 45443 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x64 side-channel analysis information leak attempt RuleID : 45368 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x64 side-channel analysis information leak attempt RuleID : 45367 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45366 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45365 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45364 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45363 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45362 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45361 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45360 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45359 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45358 - Type : OS-OTHER - Revision : 2 |
| 2018-02-06 | Intel x86 side-channel analysis information leak attempt RuleID : 45357 - Type : OS-OTHER - Revision : 2 |
| 2018-01-18 | Multiple browser pressure function denial of service attempt RuleID : 45206 - Type : BROWSER-FIREFOX - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39006 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39005 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39004 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39003 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39002 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39001 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-22 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 39000 - Type : FILE-IMAGE - Revision : 3 |
| 2016-06-17 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 38948 - Type : FILE-IMAGE - Revision : 4 |
| 2016-06-17 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 38947 - Type : FILE-IMAGE - Revision : 4 |
| 2016-06-17 | ImageMagick WWWDecodeDelegate command injection attempt RuleID : 38946 - Type : FILE-IMAGE - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-12-28 | Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili... File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO |
| 2018-12-10 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO |
| 2018-12-06 | Name: The remote web server is affected by multiple vulnerabilities File: lighttpd_1_4_50.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL91229003.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1236.nasl - Type: ACT_GATHER_INFO |
| 2018-08-23 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201808-02.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0098.nasl - Type: ACT_GATHER_INFO |
| 2018-07-24 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0011.nasl - Type: ACT_GATHER_INFO |
| 2018-07-20 | Name: The remote Debian host is missing a security update. File: debian_DLA-1423.nasl - Type: ACT_GATHER_INFO |
| 2018-07-16 | Name: The remote Debian host is missing a security update. File: debian_DLA-1422.nasl - Type: ACT_GATHER_INFO |
| 2018-05-03 | Name: The remote Debian host is missing a security update. File: debian_DLA-1369.nasl - Type: ACT_GATHER_INFO |
| 2018-05-02 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4187.nasl - Type: ACT_GATHER_INFO |
| 2018-05-02 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4188.nasl - Type: ACT_GATHER_INFO |
| 2018-04-18 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-956.nasl - Type: ACT_GATHER_INFO |
| 2018-03-29 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_1ce95bc7327811e8b52700012e582166.nasl - Type: ACT_GATHER_INFO |
| 2018-03-15 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-0512.nasl - Type: ACT_GATHER_INFO |
| 2018-02-28 | Name: The version of Arista Networks EOS running on the remote device is affected b... File: arista_eos_sa0017.nasl - Type: ACT_GATHER_INFO |
| 2018-02-27 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-057-01.nasl - Type: ACT_GATHER_INFO |
| 2018-02-23 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4120.nasl - Type: ACT_GATHER_INFO |
| 2018-02-22 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-956.nasl - Type: ACT_GATHER_INFO |
| 2018-02-05 | Name: The remote Virtuozzo host is missing multiple security updates. File: Virtuozzo_VZA-2018-006.nasl - Type: ACT_GATHER_INFO |
| 2018-01-30 | Name: A web browser installed on the remote Windows host is affected by multiple se... File: google_chrome_64_0_3282_119.nasl - Type: ACT_GATHER_INFO |
| 2018-01-26 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-0151.nasl - Type: ACT_GATHER_INFO |
| 2018-01-25 | Name: The remote AIX host is missing a security patch. File: aix_IJ03029.nasl - Type: ACT_GATHER_INFO |
