Lucene search
+L

68 matches found

CVE
CVE
added 2015/05/14 12:0 a.m.83 views

CVE-2015-3397

The CVE-2015-3397 issue affects the Yii Framework prior to 2.0.4, where an XSS flaw could be exploited by remote attackers via JSON/arrays, particularly affecting Internet Explorer 6/7. The vulnerability arises in how JSON data is handled when rendered, allowing injection of arbitrary web script ...

4.3CVSS5.5AI score0.01521EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/10/22 12:0 a.m.23 views

Cisco TelePresence MCU Software Memory Exhaustion

According to the self-reported version, returned by either the SNMP or FTP service running on the remote device, the Cisco TelePresence MCU software is affected by a vulnerability that can allow a remote, unauthenticated attacker to cause a denial of service via memory exhaustion. C Tenable Netwo...

7.8CVSS5.6AI score0.03784EPSS
Exploits0References3
CVE
CVE
added 2014/10/19 1:0 a.m.54 views

CVE-2014-3397

The CVE-2014-3397 affects Cisco TelePresence MCU Software prior to 4.3(2.30). The vulnerability is a memory exhaustion DoS caused by processing crafted TCP packets in the device’s network stack, enabling an unauthenticated remote attacker to exhaust memory and potentially disrupt or reload the sy...

7.8CVSS6.7AI score0.03784EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2013/06/26 9:0 p.m.53 views

CVE-2013-3397

Cisco CUCM Unified Serviceability CSRF vulnerability (CVE-2013-3397) arises from insufficient CSRF protections in the Unified Serviceability component. Remote attackers could hijack the authentication of arbitrary users to perform actions in the Unified Serviceability pages, potentially with the ...

6.8CVSS7.5AI score0.00576EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/06/26 9:0 p.m.25 views

CVE-2013-3397

Cross-site request forgery CSRF vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager CUCM allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298...

7.2AI score0.00576EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.21 views

Fedora Update for moodle FEDORA-2012-11039

Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2012-11039 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

6.5CVSS0.1AI score0.02105EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.23 views

Fedora Update for moodle FEDORA-2012-11039

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS6.4AI score0.02105EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.22 views

Fedora Update for moodle FEDORA-2012-11028

Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2012-11028 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

6.5CVSS0.3AI score0.02105EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/08/03 12:0 a.m.18 views

Fedora Update for moodle FEDORA-2012-11028

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS6.4AI score0.02105EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/02 12:0 a.m.26 views

Fedora 16 : moodle-2.0.10-1.fc16 (2012-11028)

Latest upstreams to address security issues. CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 Note that Tenable Network Security has extracted the preceding description block...

6.5CVSS5.3AI score0.02105EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2012/08/02 12:0 a.m.27 views

Fedora 17 : moodle-2.2.4-1.fc17 (2012-11039)

Latest upstreams to address security issues. CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 Note that Tenable Network Security has extracted the preceding description block...

6.5CVSS5.3AI score0.02105EPSS
Exploits0References16
CVE
CVE
added 2012/07/23 9:0 p.m.53 views

CVE-2012-3397

The CVE-2012-3397 issue affects Moodle versions 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1. It arises because lib/modinfolib.php does not verify group-membership when deciding if an activity is unavailable or hidden. This allows remote authenticated users ...

4CVSS6.2AI score0.01128EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2011/12/14 12:0 a.m.71 views

CVE-2011-3397

This CVE affects the Microsoft Windows Time component (DATIME.DLL) on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability allows remote code execution via a crafted web page that leverages an unspecified binary behavior in Internet Explorer. The issue is documented as CVE-2011-3397 ...

9.3CVSS8AI score0.19804EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2011/12/14 12:0 a.m.35 views

CVE-2011-3397

The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code Execution Vulnerability...

7.8AI score0.19804EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/12/14 12:0 a.m.31 views

Microsoft Windows Time Component Remote Code Execution Vulnerability (2618451)

This host is missing a critical security update according to Microsoft Bulletin MS11-090. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5.1AI score0.19804EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2011/12/13 12:0 a.m.14 views

Microsoft Time Remote Code Execution (MS11-090; CVE-2011-3397)

A remote code execution vulnerability has been reported in the Microsoft Time component. The vulnerability is caused due to binary behavior in Internet Explorer that results in system corruption. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafte...

9.3CVSS7.3AI score0.19804EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.59 views

MS11-090: Cumulative Security Update of ActiveX Kill Bits (2618451)

The remote Windows host has one or more ActiveX controls installed that could be abused to execute arbitrary code remotely if a user can be tricked into viewing a malicious web page using Internet Explorer. Three of these controls are from Microsoft itself while the others are from third-party...

9.3CVSS6.1AI score0.7374EPSS
Exploits9References3
CVE
CVE
added 2010/09/15 5:26 p.m.65 views

CVE-2010-3397

CVE-2010-3397 affects Symantec PGP Desktop (versions including 9.9.0 build 397, 9.10.x, 10.0.0 build 2732 and likely others). Root cause is an untrusted search path vulnerability allowing DLL hijacking via tsp.dll or tvttsp.dll located in the same folder as credential/key files (.p12, .pem, .pgp,...

9.3CVSS7.7AI score0.04157EPSS
Exploits0References3Affected Software1
Kaspersky
Kaspersky
added 2010/09/15 12:0 a.m.34 views

KLA10288 ACE vulnerability in PGP Desktop

An untrusted path vulnerability was found in PGP Desktop. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited locally via a DLL hijack. Original advisories - Related products PGP-Desktop CVE list CVE-2010-3397 critical Solution Update t...

9.3CVSS7.6AI score0.04157EPSS
Exploits0References2
CVE
CVE
added 2009/10/22 6:0 p.m.56 views

CVE-2009-3397

CVE-2009-3397 affects Oracle E-Business Suite (Oracle Application Object Library) in versions 12.0.6 and 12.1.1. The description notes an unspecified remote vulnerability impacting confidentiality via unknown vectors. The OCT 2009 Critical Patch Update fixes multiple vulnerabilities across Oracle...

4.3CVSS5.8AI score0.02079EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder