79 matches found
Debian: Security Advisory (DSA-3971-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-3971
Cross-site scripting XSS vulnerability in lucenesearch.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout...
CVE-2016-3971
Cross-site scripting XSS vulnerability in lucenesearch.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout...
CVE-2016-3971
Cross-site scripting XSS vulnerability in lucenesearch.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout...
CVE-2016-3971
CVE-2016-3971 describes an XSS vulnerability in dotCMS where a crafted value in the query parameter to c/portal/layout is reflected by lucene_search.jsp. Affected product: dotCMS, versions before 3.5.1. Root cause: cross-site scripting due to improper handling of user-supplied input. Impact: pote...
CVE-2015-3971
The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239...
CVE-2015-3971
CVE-2015-3971 for Janitza UMG devices (508, 509, 511, 604, 605) : The debug/web interface on these UMG devices exposes an unauthenticated session over TCP port 1239, allowing remote attackers to read/write files or execute arbitrary JASIC code. This constitutes unauthenticated remote control of t...
CVE-2014-3971
CVE-2014-3971 affects MongoDB 2.6.x before 2.6.2. The vulnerability is in CmdAuthenticate::_authenticateX509 (authentication_commands.cpp) within mongod, where an unauthenticated remote attacker can trigger a denial of service (daemon crash) by presenting an invalid X.509 client certificate. Conn...
Internet Explorer CSS Recursive Import Use After Free
No description provided by source. $Id: ms11003iecssimport.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1064-1)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 - MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards - MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-20 12-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/ CVE-2012-3959...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1065-1)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 - MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards - MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-20 12-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/ CVE-2012-3959...
CVE-2013-3971
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3049...
CVE-2013-3971
CVE-2013-3971 affects IBM Maximo Asset Management and related products (7.1–7.1.1.12 and 7.5 before 7.5.0.5). The bulletin indicates a security bypass vulnerability that allows remote authenticated users to bypass intended access restrictions via unspecified vectors. The issue is mitigated by app...
CVE-2013-3049
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3971...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:1065-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox)
Check for the Version of MozillaFirefox OpenVAS Vulnerability Test $Id: gbsuse201210641.nasl 8285 2018-01-04 06:29:16Z teissa $ SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 MozillaFirefox Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
MozillaFirefox: Update to version 15 (critical)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...
Mozilla Products Memory Corruption Vulnerabilities - August12 (Mac OS X)
This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmemcorrvulnaug12macosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Memory Corruption Vulnerabilities - August12 Mac OS X Authors:...
CVE-2012-3971
CVE-2012-3971 affects SIL Graphite 2 as used in Mozilla Firefox up to 15.0, Mozilla Thunderbird up to 15.0, and SeaMonkey up to 2.12. The vulnerability arises from issues in Silf::readClassMap and Pass::readPass, allowing remote attackers to execute arbitrary code or cause memory corruption (DoS)...
Google Chrome Multiple Vulnerabilities - February 12 (MAC OS X)
The host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnfeb12macosx.nasl 6521 2017-07-04 14:51:10Z cfischer $ Google Chrome Multiple Vulnerabilities - February 12 MAC OS X Authors: Madhuri D Copyright: Copyright c 20...