Lucene search
+L

112 matches found

OSV
OSV
added 2018/01/13 6:29 p.m.12 views

CVE-2018-0486

Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD...

6.5CVSS6.3AI score
Exploits0References5
Cvelist
Cvelist
added 2018/01/13 6:0 p.m.28 views

CVE-2018-0486

Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD...

6.1AI score0.01518EPSS
Exploits2References5
CVE
CVE
added 2018/01/13 6:0 p.m.101 views

CVE-2018-0486

CVE-2018-0486 affects Shibboleth XMLTooling-C prior to 1.6.3, as used in Shibboleth Service Provider prior to 2.6.0, on Windows and other platforms. The flaw arises from mishandling digital signatures of user attribute data, enabling remote attackers to read sensitive information or impersonate u...

6.5CVSS6AI score0.01518EPSS
Exploits2References5Affected Software1
Debian
Debian
added 2018/01/12 10:14 p.m.71 views

[SECURITY] [DSA 4085-1] xmltooling security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4085-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 12, 2018 https://www.debian.org/security/faq -...

6.5CVSS6.4AI score0.01518EPSS
Exploits2
OpenVAS
OpenVAS
added 2017/12/14 12:0 a.m.36 views

Oracle Mysql Security Updates (jan2012-366304) 02 - Windows

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.9AI score0.03309EPSS
Exploits0References11
CVE
CVE
added 2017/03/08 1:0 a.m.64 views

CVE-2017-0486

CVE-2017-0486 describes a denial-of-service vulnerability in Android’s Mediaserver. A specially crafted file could cause a device Hang or Reboot on affected Android versions (6.0, 6.0.1, 7.0, 7.1.1). The issue is described as High severity; attack vector is listed as Local (per CVSS3) with user i...

7.1CVSS5.4AI score0.00616EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/03/08 1:0 a.m.28 views

CVE-2017-0486

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID:...

5.5AI score0.00616EPSS
Exploits0References3
CVE
CVE
added 2016/01/21 2:0 a.m.66 views

CVE-2016-0486

CVE-2016-0486 affects Oracle Application Testing Suite (ATS) on Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2. The vulnerability is a directory traversal in the DownloadServlet, exploited via the exportFileName parameter, allowing a remote unauthenticated attacker to read arbitrary...

5CVSS6.5AI score0.27519EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.16 views

Oracle: Security Advisory (ELSA-2008-0486)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02647EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/18 12:0 a.m.57 views

openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2015:0773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.5AI score0.06451EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.42 views

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-332)

OpenJDK was updated to jdk8u45-b14 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0459: 2D: unauthenticated remote attackers could execute...

10CVSS6.2AI score0.07224EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2015/04/21 12:0 a.m.37 views

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Apr 2015) - Linux

Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS4AI score0.03121EPSS
Exploits0References3
CVE
CVE
added 2015/04/16 4:0 p.m.95 views

CVE-2015-0486

Summary: CVE-2015-0486 is described as an unspecified vulnerability in Oracle Java SE 8u40 Deployment that could allow a remote attacker to obtain sensitive information (confidentiality impact). The connected IBM advisories confirm the CVE and indicate that remediation is available via IBM securi...

5CVSS3.2AI score0.02575EPSS
Exploits0References7Affected Software2
Kaspersky
Kaspersky
added 2015/04/14 12:0 a.m.116 views

KLA10548 Multiple vulnerabilities in Oracle products

An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, Hotspot, JavaFX, Delpoyment, Tools, JSSE,...

10CVSS7.4AI score0.98685EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2015/04/14 12:0 a.m.72 views

KLA10551 Code execution vulnerabilities in Microsoft Office

Use-after-free, XSS and aother unspecified vulnerabilities were found in Microsoft products. By exploiting these vulnerabilities malicious users can execute or inject arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document. Original advisories...

10CVSS8.2AI score0.98685EPSS
Exploits0References29
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.44 views

Oracle Java SE 8 < Update 41 Multiple Vulnerabilities

Binary data 8748.prm...

10CVSS6.2AI score0.07224EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.47 views

Juniper Junos Space < 13.1R1 MySQL Multiple Vulnerabilities (JSA10601)

According to its self-reported version number, the remote Junos Space version is prior to 13.1R1. It is, therefore, affected by multiple vulnerabilities related to the installed MySQL version. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid80193; scriptversion"1.4";...

9CVSS5.6AI score0.05305EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.34 views

F5 Networks BIG-IP : Multiple MySQL vulnerabilities (K14410)

For BIG-IP systems using the MySQL database, the following MySQL vulnerabilities may allow local users to gain knowledge of sensitive information, manipulate certain data, or cause a Denial of Service DoS:CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112...

5.5CVSS5.2AI score0.03309EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2014/09/23 12:0 a.m.25 views

Fedora 21 : knot-1.5.2-1.fc21 (2014-10507)

New upstream release : - CVE-2014-0486: remote crash using crafted DNS message - transfers: do not refuse AXFR answers to IXFR queries - fix storing of hash character '' in zone file Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

7.5CVSS7.3AI score0.03462EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/12/10 12:0 a.m.29 views

IBM Lotus Domino Multiple Vulnerabilities

IBM Lotus Domino is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:lotusdomino"; if...

8.5CVSS6.3AI score0.01874EPSS
Exploits0References5
Rows per page
Query Builder