CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 3CVE-2006-7246
https://notcve.org/view.php?id=CVE-2006-7246
27 Jan 2020 — NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. NetworkManager versiones 0.9.x, no fija un asunto del certificado en un ESSID cuando es usada la autenticación 802.11X. • http://www.openwall.com/lists/oss-security/2010/04/22/2 • CWE-295: Improper Certificate Validation •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 1CVE-2012-2736
https://notcve.org/view.php?id=CVE-2012-2736
26 Dec 2019 — In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. En NetworkManager versión 0.9.2.0, cuando una nueva red inalámbrica fue creada con seguridad WPA/WPA2 en modo AdHoc, creó una red abierta y no segura. • http://lists.opensuse.org/opensuse-updates/2012-09/msg00049.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9957 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9957
12 Apr 2017 — Stack-based buffer overflow in game-music-emu before 0.6.1. Desbordamiento de búfer basado en pila en game-music-emu en versiones anteriores a 0.6.1. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9958 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9958
12 Apr 2017 — game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. game-music-emu en versiones anteriores a 0.6.1 permite a atacantes remotos escribir en ubicaciones de memoria arbitrarias. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2016-9959 – Gentoo Linux Security Advisory 201707-02
https://notcve.org/view.php?id=CVE-2016-9959
12 Apr 2017 — game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. game-music-emu en versiones anteriores a 0.6.1 permite a los atacantes remotos generar valores fuera de los límites de 8 bits. Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 81%CPEs: 228EXPL: 0CVE-2016-1285 – bind: malformed packet sent to rndc can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1285
09 Mar 2016 — named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 no maneja adecuadamente los archivos DNAME cuando analiza gramaticalmente l... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html • CWE-617: Reachable Assertion •
CVSS: 8.6EPSS: 76%CPEs: 228EXPL: 0CVE-2016-1286 – bind: malformed signature records for DNAME records can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1286
09 Mar 2016 — named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro de firma manipulado para un registro DNAME, ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html • CWE-617: Reachable Assertion •
CVSS: 5.3EPSS: 13%CPEs: 56EXPL: 1CVE-2015-3195 – OpenSSL: X509_ATTRIBUTE memory leak
https://notcve.org/view.php?id=CVE-2015-3195
03 Dec 2015 — The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. La implementación ASN1_TFLG_COMBINE en crypto/asn1/tasn_dec.c en OpenSSL en versiones anteriores a 0.9.8zh, 1.0.0 en versiones anteriores a 1.0.0t, 1.... • https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2015-3195 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 10.0EPSS: 4%CPEs: 67EXPL: 0CVE-2014-0553 – flash-plugin: multiple code execution or security bypass flaws (APSB14-21)
https://notcve.org/view.php?id=CVE-2014-0553
10 Sep 2014 — Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.244 y 14.x y 15.x anterior a 15.0.0.152... • http://helpx.adobe.com/security/products/flash-player/apsb14-21.html •
CVSS: 6.5EPSS: 2%CPEs: 4EXPL: 1CVE-2011-2198 – Gentoo Linux Security Advisory 201412-10
https://notcve.org/view.php?id=CVE-2011-2198
21 May 2014 — The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@". La capacidad de "insertar caracteres en blanco" en caps.c en gnome-terminal (vte) en versiones anteriores a 0.28.1 permite a usuarios autenticados remotos provocar una denegación de servicio (consumo de CPU y memoria y caída)... • http://lists.opensuse.org/opensuse-updates/2012-08/msg00001.html • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •