Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2696 | 5 Canonical, Debian, Mit and 2 more | 8 Ubuntu Linux, Debian Linux, Kerberos 5 and 5 more | 2021-02-02 | 7.1 HIGH | N/A |
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. | |||||
CVE-2019-7263 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2019-07-03 | 10.0 HIGH | 9.8 CRITICAL |
Linear eMerge E3-Series devices have a Version Control Failure. | |||||
CVE-2016-7429 | 1 Ntp | 1 Ntp | 2018-01-04 | 4.3 MEDIUM | 3.7 LOW |
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use. | |||||
CVE-2014-8994 | 1 Check Diskio Project | 1 Check Diskio | 2017-09-07 | 3.6 LOW | N/A |
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*). | |||||
CVE-2015-7262 | 1 Qnap | 2 Iartist Lite, Signage Station | 2016-03-11 | 8.5 HIGH | 7.5 HIGH |
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot. | |||||
CVE-2015-0962 | 1 Barracuda | 1 Web Filter | 2015-05-27 | 4.3 MEDIUM | N/A |
Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship. |