CVE-2014-0411

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

Reported CPU Usage Values Differ in vCenter and Veeam ONE

Challenge The reported maximum, minimum, and average CPU usage values do not match between the vCenter and Veeam ONE. Cause How the Values Are Calculated in vSphere Client VMware calculates these values with Hyperthreading Technology enabled. The VMware vSphere client shows that "Hyperthreading" ...

PT-2010-1186 · Michaelliao · Openid

Name of the Vulnerable Software and Affected Versions: michaelliao jopenid versions prior to 1.08 Description: The issue is related to a timing discrepancy in the getAuthentication function of the OpenIdManager.java file. This discrepancy can be exploited by a remote attacker to gain unauthorized...

PhpMesFilms 1.0 SQL Injection

in the name of God Download script : http://www.script-masters.com/home/download.php?script=138 ---------------------------------------------------------- Discovered By: SuB-ZeRofrom algeria msn: [email protected] D-unit : SuB-ZeRo & Me!sTer & HaLokA Home: www.dz-security.net/ my exploit :...

CVE-2008-4000

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU...

CVE-2007-4324

ActionScript 3 AS3 in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash SWF movie that specifies a connection to make, then...

CVE-2004-2607

A numeric casting discrepancy in sdlaxfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer...

CVE-2003-0078

ssl3getrecord in s3pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak timing discrepancy that may make it easier to launch cryptographic attacks that rely on distinguishing betwe...