596 matches found
UBUNTU-CVE-2018-3161
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Partition. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2018-2888
Vulnerability in the MICROS Retail-J component of Oracle Retail Applications subcomponent: Back Office. Supported versions that are affected are 10.2.x, 11.0.x, 12.0.x, 12.1.x, 12.1.1.x,12.1.2.x and 13.1.x. Difficult to exploit vulnerability allows physical access to compromise MICROS Retail-J...
CVE-2017-16718
Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via ADS. This special command supports encrypted authentication with username/password. The encryption...
OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
mysql: Server: Replication unspecified vulnerability (CPU Jan 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2018-1206
Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is "apollosuperuser." An attacker with local access to the server where D...
UBUNTU-CVE-2017-10167
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
mysql: Server: DML unspecified vulnerability (CPU Jul 2017)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
UBUNTU-CVE-2017-10067
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...
Trend Micro enterprise products HTTP header injection vulnerability
Overview Multiple enterprise products provided by Trend Micro Incorporated contain a HTTP header injection vulnerability. According to the developer, exploiting the vulnerability requires access to the LAN environment of the user. Trend Micro Incorporated reported this vulnerability to JPCERT/CC ...
MGASA-2013-0244 Updated subversion packages fixes security vulnerability
Subversion's moddavsvn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT or equivalent or undefined behavior. Commit access is required t...
Lotus Domino HPRAgentName Stack Overflow
Added: 07/08/2011 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem The WebAdmin.nsf resource on the Domino web service contains a buffer overflow vulnerability. Resolution No patch is available at this time. References Limitations This exploit...
EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service
Kerio Personal Firewall Multiple IP Options Denial of Service Release Date: November 9, 2004 Date Reported: October 30, 2004 Severity: High Remote Denial of Service Vendor: Kerio Systems Affected: Kerio Personal Firewall 4.1.1 and prior Overview: eEye Digital Security has discovered a severe deni...
Oracle Database Server contains several vulnerabilities
Overview Several vulnerabilities exist in the Oracle Database Server and Listener. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system. Description Oracle Database 1...
SUSE-SA:2004:024: kernel
The remote host is missing the patch for the advisory SUSE-SA:2004:024 kernel. This kernel is vulnerable to a race condition in the 64-bit file offset handling code. The file offset pointer fpos is changed during reading, writing, and seeking through a file to point to the current position in a...
[ADV/EXP]: RH6.x root from bash /tmp vuln + MORE
Advisory: its been fixed, check some previous messages. bash1 /tmp vulns Also: uucp exploit - file creation/overwriting symlinks kinda exploit for man/makewhatis Requires: 1 local access to run the program 2 a crash or reboot to happened 3 /etc/cron.weekly/makewhatis.cron to be executed by cron 4...