146 matches found
Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird installed on the remote Mac OS X host is a version prior to 31.1. It is, therefore, affected by the following vulnerabilities: - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitra...
CVE-2014-1564
creationtimestamp | type | source
---|---|---
2014-09-02 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/39295...
CVE-2013-7332
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity...
Design/Logic Flaw
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity...
IBM Domino 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities
The remote host has a version of IBM Domino (formerly Lotus Domino) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities: - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues...
CVE-2011-1483
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...
RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0757)
Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Critical: Red Hat Security Advisory: java-1.7.0-oracle security update
Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
CVE-2013-1564 vulnerabilities
Vulnerabilities for packages: openjdk-21-openj9, openjdk-17-openj9, openjdk-11-openj9, openjdk-8-openj9...
CVE-2013-1564
Technical details for CVE-2013-1564 are not publicly provided in the supplied connected documents. Please monitor for updates from the referenced advisories and OSV entries.
CVE-2012-1564
Cross-site scripting (XSS) vulnerability in administration/createalbum.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1564
The CVE-2012-1564 entry concerns a Cross-site scripting (XSS) vulnerability in the YVS Image Gallery, specifically in administration/create_album.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The available connected documents confir...
Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing...
Code injection
Cisco Unified Presence before 8.54 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs...
Code injection
Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x through 5.4.x before 5.4.0.27581 and 5.8.x before 5.8.1.27561 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via...
CVE-2011-3288
Cisco Unified Presence before 8.54 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs...
ActivDesk < 3.0.1 Multiple Vulnerabilities - Active Check
ActivDesk is prone to multiple cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities. Copyright (C) 2011 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
Code injection
Prosody before 0.8.1 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...
CVE-2011-2205
Prosody before 0.8.1 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564...
CVE-2011-1753
expaterl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of neste...