5836 matches found
DaloRADIUS Web Management Multiple Vulnerabilities
DaloRADIUS Web Management is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Asteriskguru Queue Statistics Cross Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2013-002 - Original release date: January 22nd, 2013 - Last revised: March 10th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score ============================================= I...
java-1_7_0-openjdk: update to 2.3.6 (critical)
java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...
SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)
java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...
java-1_6_0-openjdk to 1.12.2 (important)
OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)
Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...
friendsinwar FAQ Manager - view_faq.php?question SQL Injection
friendsinwar FAQ Manager - viewfaq.php?question SQL Injection Exploit Title: friendsinwar FAQ Manager SQL Injection URL Vulnerability Date: 16.11 2012 Exploit Author: unsuprise Vendor Homepage: http://www.friendsinwar.com Software Link:http://www.friendsinwar.com/scriptdemo/thefaqmanager/ Tested...
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
utempter information spoofing
User supplied data is not checked before writing to utmp...
CA BrightStor ARCserve Backup Tape Engine RPC Procedure Memory Corruption (CVE-2007-1447)
A memory corruption vulnerability has been reported in CA BrightStor ARCserve. The vulnerability is due to improper data validation when processing stub data of an RPC call made to the Tape Engine. A remote attacker can exploit this issue by performing a malicious RPC call to a vulnerable server...
Apple Quicktime TeXML sampleData Element Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...
Microsoft .NET Framework Serialization Data Validation Error (MS12-035; CVE-2012-0160)
A remote code execution vulnerability has been reported in the Microsoft .NET Framework...
Imagemagic multiple security vulnerabilities
Buffer overflows, insufficient user supplied data validation...
SuSE 11.1 Security Update : LibreOffice (SAT Patch Number 6003)
The update fixes the following security issues : - 740453: Vulnerability in RDF handling. CVE-2012-0037 - 752595: overflow in jpeg handling CVE-2012-1149 This update also fixes the following non-security issues : Extras : - add SUSE color palette fate312645 Filters : - crash when loading embedded...
[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4
waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...
Microsoft Office Drawing Object Code Execution (MS07-025; CVE-2007-1747)
A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to insufficient data validation by the application when parsing Office drawing objects. A remote attacker may exploit this vulnerability by enticing target users to open a specially crafted Offic...