Lucene search
K

91 matches found

CVE
CVE
added 2019/01/22 8:0 p.m.31 views

CVE-2018-2197

This CVE entry is rejected/not used; the candidate was in CNA pool and not assigned to issues.

7.3AI score
Exploits0
CVE
CVE
added 2016/12/29 10:0 p.m.93 views

CVE-2016-2197

QEMU (with IDE AHCI emulation) is affected by CVE-2016-2197 due to a NULL pointer dereference when unmapping FIS and CLB entries, allowing a privileged guest user to crash the QEMU process and cause a DoS. Remediation per sources includes upgrading to a fixed release (PowerKVM advisory notes this...

5.5CVSS5.9AI score0.00421EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/08 12:0 a.m.39 views

openSUSE Security Update : qemu (openSUSE-2016-839)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

9.8CVSS6.5AI score0.06336EPSS
Exploits2References66
Tenable Nessus
Tenable Nessus
added 2016/04/05 12:0 a.m.31 views

GLSA-201604-01 : QEMU: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201604-01 QEMU: Multiple vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Local users within a guest QEMU environment can execute...

8.1CVSS7.1AI score0.06085EPSS
Exploits0References11
CVE
CVE
added 2016/03/24 1:0 a.m.67 views

CVE-2009-2197

CVE-2009-2197 affects Apple Safari prior to 9.1, where dialog text could be injected with page-supplied content, enabling UI spoofing. The official Apple advisory for Safari 9.1 states that the issue was addressed by removing inclusion of dialog text, mitigating the spoofing vector. The NVD entry...

4.3CVSS5.3AI score0.01415EPSS
Exploits0References4Affected Software1
Apple
Apple
added 2016/03/21 12:0 a.m.138 views

About the security content of Safari 9.1

About the security content of Safari 9.1 This document describes the security content of Safari 9.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...

9.3CVSS7.3AI score0.04125EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.43 views

Fedora 22 : qemu-2.3.1-12.fc22 (2016-be042f7e6f)

CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...

7.5CVSS6.7AI score0.03897EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.37 views

Fedora 23 : qemu-2.4.1-7.fc23 (2016-b49aaf2c56)

CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...

7.5CVSS6.7AI score0.03897EPSS
Exploits0References8
NVD
NVD
added 2015/03/03 7:59 p.m.18 views

CVE-2015-2197

Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...

3.5CVSS5.3AI score0.01402EPSS
Exploits0References3
CVE
CVE
added 2015/03/03 7:0 p.m.40 views

CVE-2015-2197

CVE-2015-2197 affects Drupal’s Entity API module (7.x-1.x) before 7.x-1.6. The vulnerability is an XSS via field labels exposed through the Token API, caused by insufficient sanitization of user-supplied input. Impact: remote authenticated users can inject arbitrary script/HTML. Mitigation: upgra...

3.5CVSS5.4AI score0.01402EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/03/03 7:0 p.m.26 views

CVE-2015-2197

Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...

5.3AI score0.01402EPSS
Exploits0References3
Drupal
Drupal
added 2015/02/25 12:0 a.m.22 views

SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)

The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties. The module doesn't sufficiently sanitize field labels when exposing them through the Token API thereby exposing a Cross Site Scripting XSS vulnerability. This...

3.5CVSS5.7AI score0.01402EPSS
Exploits0References11
CVE
CVE
added 2014/07/07 10:0 a.m.59 views

CVE-2014-2197

CVE-2014-2197 affects Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4. The Admin GUI did not properly implement access control, allowing remote authenticated users to modify administrative credentials via a crafted URL (Privilege Escalation typ...

9CVSS6.3AI score0.02876EPSS
Exploits0References5Affected Software2
OpenVAS
OpenVAS
added 2014/05/12 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-2197-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.1AI score0.22475EPSS
Exploits7References4
CVE
CVE
added 2013/08/28 3:0 p.m.45 views

CVE-2013-2197

CVE-2013-2197 affects Drupal’s Login Security module. The vulnerability, triggered when the login delay feature is enabled, allows a remote attacker to cause a denial of service via a high volume of failed login attempts, consuming CPU. Affected are Drupal 6.x-1.x before 6.x-1.3 and 7.x-1.x befor...

4.3CVSS9AI score0.01336EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/10/25 12:0 a.m.66 views

IBM DB2 9.7 < Fix Pack 7 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.7 running on the remote host is prior to Fix Pack 7. It is, therefore, affected by one or more of the following issues : - An error exists related to the stored procedure 'SQLJ.DB2INSTALLJAR' that can allow 'JAR' files to be overwritten. Not...

8.5CVSS5.9AI score0.04908EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2012/09/28 12:0 a.m.49 views

IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities

According to its version, the installation of DB2 10.1 running on the remote host is affected by one or more of the following issues : - An error exists in the stored procedure 'SQLJ.DB2INSTALLJAR' that can allow unauthorized replacement of Jar files. Note this vulnerability only affects the...

9CVSS7.9AI score0.04487EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2012/07/25 10:42 a.m.33 views

CVE-2012-2197

Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges...

7.1CVSS6.4AI score0.04487EPSS
Exploits0References7
CVE
CVE
added 2012/07/25 10:0 a.m.318 views

CVE-2012-2197

CVE-2012-2197 affects IBM DB2 Java Stored Procedure infrastructure across multiple DB2 releases (9.1 before FP12, 9.5–FP9, 9.7–FP6, 9.8–FP5, 10.1). The vulnerability is a stack-based buffer overflow that could allow remote authenticated execution of arbitrary code by exploiting CONNECT and EXECUT...

7.1CVSS7.5AI score0.04487EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2012/06/19 12:0 a.m.31 views

Fedora Update for rubygem-actionpack FEDORA-2012-8912

Check for the Version of rubygem-actionpack OpenVAS Vulnerability Test Fedora Update for rubygem-actionpack FEDORA-2012-8912 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.4CVSS0.1AI score0.046EPSS
Exploits1References2
Rows per page
Query Builder