91 matches found
CVE-2018-2197
This CVE entry is rejected/not used; the candidate was in CNA pool and not assigned to issues.
CVE-2016-2197
QEMU (with IDE AHCI emulation) is affected by CVE-2016-2197 due to a NULL pointer dereference when unmapping FIS and CLB entries, allowing a privileged guest user to crash the QEMU process and cause a DoS. Remediation per sources includes upgrading to a fixed release (PowerKVM advisory notes this...
openSUSE Security Update : qemu (openSUSE-2016-839)
qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
GLSA-201604-01 : QEMU: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201604-01 QEMU: Multiple vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Local users within a guest QEMU environment can execute...
CVE-2009-2197
CVE-2009-2197 affects Apple Safari prior to 9.1, where dialog text could be injected with page-supplied content, enabling UI spoofing. The official Apple advisory for Safari 9.1 states that the issue was addressed by removing inclusion of dialog text, mitigating the spoofing vector. The NVD entry...
About the security content of Safari 9.1
About the security content of Safari 9.1 This document describes the security content of Safari 9.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...
Fedora 22 : qemu-2.3.1-12.fc22 (2016-be042f7e6f)
CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...
Fedora 23 : qemu-2.4.1-7.fc23 (2016-b49aaf2c56)
CVE-2015-8619: Fix sendkey out of bounds bz 1292757 CVE-2016-1981: infinite loop in e1000 bz 1299995 Fix Out-of-bounds read in usb-ehci bz 1300234, bz 1299455 CVE-2016-2197: ahci: NULL pointer dereference bz 1302952 Fix gdbstub for VSX registers for ppc64 bz 1304377 Fix qemu-img vmdk images to...
CVE-2015-2197
Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...
CVE-2015-2197
CVE-2015-2197 affects Drupal’s Entity API module (7.x-1.x) before 7.x-1.6. The vulnerability is an XSS via field labels exposed through the Token API, caused by insufficient sanitization of user-supplied input. Impact: remote authenticated users can inject arbitrary script/HTML. Mitigation: upgra...
CVE-2015-2197
Cross-site scripting XSS vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API...
SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)
The Entity API module extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties. The module doesn't sufficiently sanitize field labels when exposing them through the Token API thereby exposing a Cross Site Scripting XSS vulnerability. This...
CVE-2014-2197
CVE-2014-2197 affects Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4. The Admin GUI did not properly implement access control, allowing remote authenticated users to modify administrative credentials via a crafted URL (Privilege Escalation typ...
Ubuntu: Security Advisory (USN-2197-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-2197
CVE-2013-2197 affects Drupal’s Login Security module. The vulnerability, triggered when the login delay feature is enabled, allows a remote attacker to cause a denial of service via a high volume of failed login attempts, consuming CPU. Affected are Drupal 6.x-1.x before 6.x-1.3 and 7.x-1.x befor...
IBM DB2 9.7 < Fix Pack 7 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 9.7 running on the remote host is prior to Fix Pack 7. It is, therefore, affected by one or more of the following issues : - An error exists related to the stored procedure 'SQLJ.DB2INSTALLJAR' that can allow 'JAR' files to be overwritten. Not...
IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities
According to its version, the installation of DB2 10.1 running on the remote host is affected by one or more of the following issues : - An error exists in the stored procedure 'SQLJ.DB2INSTALLJAR' that can allow unauthorized replacement of Jar files. Note this vulnerability only affects the...
CVE-2012-2197
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges...
CVE-2012-2197
CVE-2012-2197 affects IBM DB2 Java Stored Procedure infrastructure across multiple DB2 releases (9.1 before FP12, 9.5–FP9, 9.7–FP6, 9.8–FP5, 10.1). The vulnerability is a stack-based buffer overflow that could allow remote authenticated execution of arbitrary code by exploiting CONNECT and EXECUT...
Fedora Update for rubygem-actionpack FEDORA-2012-8912
Check for the Version of rubygem-actionpack OpenVAS Vulnerability Test Fedora Update for rubygem-actionpack FEDORA-2012-8912 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...