73 matches found
CVE-2014-4388
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...
Code injection
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...
CVE-2014-4388
IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...
Type confusion
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHPAUTHPW, PHPAUTHTYPE, PHPAUTHUSER, and PHPSELF variables, which might allow context-dependent attackers to obtain sensitive information from process...
CVE-2013-5155
The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service infinite loop via an application that writes crafted values to /dev/random...
CVE-2013-1999
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...
CVE-2013-1998
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XGetDeviceButtonMapping, 2 XIPassiveGrabDevice, and 3 XQueryDeviceState functions...
Buffer overflow
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XtResourceConfigurationEH function...
DEBIAN-CVE-2013-1998
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XGetDeviceButtonMapping, 2 XIPassiveGrabDevice, and 3 XQueryDeviceState functions...
Buffer overflow
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function...
CVE-2013-2000
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XDGAQueryModes and 2 XDGASetMode functions...
CVE-2013-1999
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...
CVE-2013-1999
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...
CVE-2013-1997
Multiple buffer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XAllocColorCells, 2 XkbReadGetDeviceInfoReply, 3 XkbReadGeomShapes, 4 XkbReadGetGeometryReply...
CVE-2013-1999
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...
Mandriva Update for phpmyadmin MDVSA-2011:158 (phpmyadmin)
Check for the Version of phpmyadmin OpenVAS Vulnerability Test Mandriva Update for phpmyadmin MDVSA-2011:158 phpmyadmin Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
CVE-2010-4478
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...
CVE-2010-4252
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol...
Design/Logic Flaw
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol...
CVE-2010-4478
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...