Lucene search
+L

86 matches found

CVE
CVE
added 2015/07/13 10:0 a.m.42 views

CVE-2015-4249

CVE-2015-4249 entry is rejected; not an active vulnerability entry and not used in security assessments.

6.6AI score
Exploits0
Cvelist
Cvelist
added 2015/07/13 10:0 a.m.17 views

CVE-2015-4249

...

Exploits0
Check Point Advisories
Check Point Advisories
added 2014/09/21 12:0 a.m.15 views

Oracle Business Intelligence Mobile App Designer Information Disclosure (CVE-2014-4249)

An information disclosure vulnerability exists in Oracle Business Intelligence Mobile App Designer. The vulnerability is due to insufficient input validation of certain parameters. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable...

5CVSS5.9AI score0.02421EPSS
Exploits0
CVE
CVE
added 2014/07/17 10:0 a.m.61 views

CVE-2014-4249

CVE-2014-4249 affects Oracle Fusion Middleware 11.1.1.7’s BI Publisher Mobile Service. The vulnerability is an information-disclosure issue with unknown vectors that could affect confidentiality. Root cause and affected components are described as an unspecified vulnerability in the Mobile Servic...

5CVSS5.7AI score0.02421EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2013/10/04 5:0 p.m.90 views

CVE-2013-4249

Cross-site scripting XSS vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField...

4.3CVSS5.5AI score0.0288EPSS
Exploits2
CVE
CVE
added 2013/10/04 5:0 p.m.70 views

CVE-2013-4249

CVE-2013-4249 affects Django’s AdminURLFieldWidget in contrib/admin/widgets.py, enabling XSS via URLField input. The issue is in Django 1.5.x prior to 1.5.2 and 1.6.x prior to 1.6 beta 2, where user-supplied URLs can inject script/HTML. In the connected records, upstream Django issued security re...

4.3CVSS5.5AI score0.0288EPSS
Exploits2References8Affected Software1
seebug.org
seebug.org
added 2013/08/27 12:0 a.m.58 views

Django is_safe_url() 跨站脚本 和 URLField 脚本插入漏洞

CVECAN ID: CVE-2013-4249 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django 1.4、1.5没有正确过滤django.contrib.admin的URLField字段、django.utils.http.issafeurl函数utils/http.py 的URL重定向相关输入没有被正确过滤,可被利用插入任意HTML和脚本代码,导致这些恶意代码被查看时,会在受影响站点上下文的浏览器会话中执行。 0 Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.3CVSS6.3AI score0.0288EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/08/23 12:0 a.m.28 views

Fedora Update for python-django FEDORA-2013-14797

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.0288EPSS
Exploits2References2
Mageia
Mageia
added 2013/08/22 6:13 p.m.56 views

Updated python-django packages fix CVE-2013-4249

Updated python-django package fixes security vulnerability: The issafeurl function has been modified to properly recognize and reject URLs which specify a scheme other than HTTP or HTTPS, to prevent cross-site scripting attacks through redirecting to other schemes, such as javascript. CVE-2013-42...

4.3CVSS0.4AI score0.0288EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.45 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2010)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2010 advisory. - block check for proper length of iov entries earlier in blkrqmapuseriov Xiaotian Feng CVE-2010-4668 - scm: lower SCMMAXFD Eric Dumazet...

4.9CVSS5.7AI score0.01355EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.38 views

Oracle Linux 4 : kernel (ELSA-2011-0162)

From Red Hat Security Advisory 2011:0162 : Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVS...

6.9CVSS5.6AI score0.01542EPSS
Exploits17References12
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.46 views

Oracle Linux 5 : kernel (ELSA-2011-0303)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0303 advisory. - net fix unix socket local dos Neil Horman 656759 656760 CVE-2010-4249 - net core: clear allocs for privileged ethtool actions Jiri Pirko 672432 67243...

7.8CVSS6AI score0.0389EPSS
Exploits3References5
NVD
NVD
added 2012/08/12 5:55 p.m.25 views

CVE-2012-4249

The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than...

10CVSS7.3AI score0.03722EPSS
Exploits0References3
CVE
CVE
added 2012/08/12 5:0 p.m.54 views

CVE-2012-4249

The vulnerability CVE-2012-4249 affects Amazon Kindle Touch prior to 5.1.2, specifically the com.lab126.system sendEvent implementation. The issue allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, demonstrated by lipc-set-prop to set an LIPC pr...

10CVSS7.5AI score0.03722EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.37 views

CentOS Update for kernel CESA-2011:0303 centos5 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:0303 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.1CVSS0.6AI score0.0389EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.44 views

CentOS Update for kernel CESA-2011:0162 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

1.9CVSS5.5AI score0.01542EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.30 views

CentOS Update for kernel CESA-2011:0303 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.8CVSS5.8AI score0.0389EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2012/01/24 12:0 a.m.50 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7918)

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. This update fixes the following security issues : - X.25 remote DoS. CVE-2010-3873. bnc651219 - X.25 remote Dos. CVE-2010-4164. bnc653260 - 1 socket local DoS. CVE-2010-4249. bnc655696 -...

7.8CVSS6.7AI score0.05679EPSS
Exploits8References28
OpenVAS
OpenVAS
added 2011/11/29 12:0 a.m.36 views

RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Windows)

This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodrealplayermultvulnnov11win.nasl 7052 2017-09-04 11:50:51Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 Windows Authors: Madhuri D Copyright: Copyright c...

10CVSS0.7AI score0.04255EPSS
Exploits0References2
CVE
CVE
added 2011/11/24 11:0 a.m.54 views

CVE-2011-4249

RealPlayer (Windows) before 15.0.0 is affected by CVE-2011-4249 due to an array index error in the RV30 codec during parsing of RV30 data, enabling remote code execution. ZDI notes the flaw allows code execution on vulnerable installations and requires user interaction (visiting a malicious page ...

10CVSS7.8AI score0.03254EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder