105 matches found
CVE-2018-0904
The CVE-2018-0904 entry concerns a Windows kernel information disclosure vulnerability affecting Windows kernel in multiple client/server OS builds (Windows 7/8.1/10, Windows Server 2008 R2/2012/2016, etc.). Root cause: memory address handling in the kernel allows partial information disclosure w...
CVE-2017-0904
The private_address_check Ruby gem (versions before 0.4.0) is affected by a bypass of its own privacy filter due to using Ruby’s Resolv.getaddresses, which is OS-dependent and cannot be trusted for security checks. This can undermine server-side request forgery protections that rely on blacklisti...
CVE-2015-0904
The CVE-2015-0904 issue affects the Android app “Restaurant Karaoke SHIDAX” (versions 1.3.3 and earlier). The root cause is failure to validate SSL server certificates, which enables a man-in-the-middle attack that can expose sensitive data in encrypted communications. Multiple sources in the con...
CVE-2006-0904
CVE-2006-0904 is rejected/not used per the initial description; this entry does not represent an active vulnerability.
CVE-2006-0904
...
Virtuozzo Linux Errata and Bugfix Advisory 2017:0904
Upstream security update. Follow RHBA-2017-0904 for details...
EMC Avamar < 7.3.0-233 Multiple Vulnerabilities
EMC Avamar is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:emc:avamar"; if description...
CVE-2016-0904
Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...
CVE-2016-0904
The CVE-2016-0904 entry covers EMC Avamar Server components: Avamar Data Store (ADS) and Avamar Virtual Edition (AVE). The root cause is that ADS/AVE installations use the same encryption key across different customers, enabling a remote attacker to defeat cryptographic protections and glean sens...
Oracle: Security Advisory (ELSA-2013-0169)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
No description provided by source. $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
openSUSE Security Update : vino (openSUSE-SU-2011:0481-1)
Two out of bounds memory access vulnerabilities in vinos' libvncserver have been fixed. CVE-2011-0904 and CVE-2011-0905 have been assigned. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : vino (openSUSE-SU-2011:0481-1)
Two out of bounds memory access vulnerabilities in vinos' libvncserver have been fixed. CVE-2011-0904 and CVE-2011-0905 have been assigned. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2014-0904
The CVE-2014-0904 issue affects IBM Security AppScan Standard versions 7.9–8.8, where the update mechanism does not perform integrity checks on downloaded files, enabling remote arbitrary-code execution via a crafted file. The vulnerability impacts the application’s update process and can be expl...
KLA10209 ACE vulnerability in IBM Security AppScan
The lack of an integrity check was found in IBM Security AppScan Standart. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories - Related products...
Oracle Linux 6 : vino (ELSA-2013-0169)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2013-0169 advisory. - Add reachability.patch Remove UI about whether the is only reachable locally or not. Fix for CVE-2011-1164 - Bug 553477 - Add upnp.patch Fix for...
Google Chrome Multiple Vulnerabilities-02 March 2013 (Linux)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02mar13lin.nasl 6079 2017-05-08 09:03:33Z teissa $ Google Chrome Multiple Vulnerabilities-02 March 2013 Linux Authors: Thanga Prakash S Copyright: Copyright c...
Google Chrome Multiple Vulnerabilities-02 March 2013 (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02mar13win.nasl 6074 2017-05-05 09:03:14Z teissa $ Google Chrome Multiple Vulnerabilities-02 March 2013 Windows Authors: Thanga Prakash S Copyright: Copyright ...
FreeBSD : chromium -- multiple vulnerabilities (40d5ab37-85f2-11e2-b528-00262d5ed8ee)
Google Chrome Releases reports : 176882 High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva. 176252 High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to 'chromium.khalil'. 172926 172331 High CVE-2013-0904: Memory corruption in Web Audio. Credit to...
Google Chrome < 25.0.1364.152 Multiple Vulnerabilities
Binary data 800923.prm...