112 matches found
CVE-2018-0486
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD...
CVE-2018-0486
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD...
CVE-2018-0486
CVE-2018-0486 affects Shibboleth XMLTooling-C prior to 1.6.3, as used in Shibboleth Service Provider prior to 2.6.0, on Windows and other platforms. The flaw arises from mishandling digital signatures of user attribute data, enabling remote attackers to read sensitive information or impersonate u...
[SECURITY] [DSA 4085-1] xmltooling security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4085-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 12, 2018 https://www.debian.org/security/faq -...
Oracle Mysql Security Updates (jan2012-366304) 02 - Windows
Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-0486
CVE-2017-0486 describes a denial-of-service vulnerability in Android’s Mediaserver. A specially crafted file could cause a device Hang or Reboot on affected Android versions (6.0, 6.0.1, 7.0, 7.1.1). The issue is described as High severity; attack vector is listed as Local (per CVSS3) with user i...
CVE-2017-0486
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID:...
CVE-2016-0486
CVE-2016-0486 affects Oracle Application Testing Suite (ATS) on Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2. The vulnerability is a directory traversal in the DownloadServlet, exploited via the exportFileName parameter, allowing a remote unauthenticated attacker to read arbitrary...
Oracle: Security Advisory (ELSA-2008-0486)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2015:0773-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-332)
OpenJDK was updated to jdk8u45-b14 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0459: 2D: unauthenticated remote attackers could execute...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Apr 2015) - Linux
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-0486
Summary: CVE-2015-0486 is described as an unspecified vulnerability in Oracle Java SE 8u40 Deployment that could allow a remote attacker to obtain sensitive information (confidentiality impact). The connected IBM advisories confirm the CVE and indicate that remediation is available via IBM securi...
KLA10548 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, Hotspot, JavaFX, Delpoyment, Tools, JSSE,...
KLA10551 Code execution vulnerabilities in Microsoft Office
Use-after-free, XSS and aother unspecified vulnerabilities were found in Microsoft products. By exploiting these vulnerabilities malicious users can execute or inject arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document. Original advisories...
Oracle Java SE 8 < Update 41 Multiple Vulnerabilities
Binary data 8748.prm...
Juniper Junos Space < 13.1R1 MySQL Multiple Vulnerabilities (JSA10601)
According to its self-reported version number, the remote Junos Space version is prior to 13.1R1. It is, therefore, affected by multiple vulnerabilities related to the installed MySQL version. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid80193; scriptversion"1.4";...
F5 Networks BIG-IP : Multiple MySQL vulnerabilities (K14410)
For BIG-IP systems using the MySQL database, the following MySQL vulnerabilities may allow local users to gain knowledge of sensitive information, manipulate certain data, or cause a Denial of Service DoS:CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112...
Fedora 21 : knot-1.5.2-1.fc21 (2014-10507)
New upstream release : - CVE-2014-0486: remote crash using crafted DNS message - transfers: do not refuse AXFR answers to IXFR queries - fix storing of hash character '' in zone file Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
IBM Lotus Domino Multiple Vulnerabilities
IBM Lotus Domino is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino"; if...