Page 54 of 279 results (0.012 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.22 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Core. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91860 http://www.securitytracker.com/id/1036384 •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.26 permite a usuarios locales afectar la disponibilidad relacionada con Core. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91864 http://www.securitytracker.com/id/1036384 •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.18 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Core. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00130.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00002.html http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securitytracker.com/id/1035607 •

CVSS: 5.9EPSS: 1%CPEs: 38EXPL: 0

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. ssl/s2_srvr.c en OpenSSL 1.0.1 en versiones anteriores a 1.0.1r y 1.0.2 en versiones anteriores a 1.0.2f no impide el uso de cifrados deshabilitados, lo que hace que sea más fácil para atacantes man-in-the-middle vencer los mecanismos de protección criptográfica llevando a cabo cálculos sobre tráfico SSLv2, relacionado con las funciones get_client_master_key y get_client_hello. A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that were disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 4.3.36 y en versiones anteriores a 5.0.14 permite a usuarios locales afectar a la disponibilidad a través de vectores desconocidos relacionados con Core. • http://www.debian.org/security/2016/dsa-3454 http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securityfocus.com/bid/81224 http://www.securitytracker.com/id/1034731 •