Lucene search
K

2442 matches found

Cent OS
Cent OS
added 2010/10/14 10:59 a.m.92 views

java security update

CentOS Errata and Security Advisory CESA-2010:0768 Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

10CVSS7.3AI score0.87264EPSS
Exploits14References7
RedHat Linux
RedHat Linux
added 2010/10/13 4:22 p.m.54 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update

Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

10CVSS7.3AI score0.87264EPSS
Exploits14References19
OpenVAS
OpenVAS
added 2010/09/20 12:0 a.m.46 views

HP/HPE System Management Homepage (SMH) Multiple Vulnerabilities (HPSBMA02566, HPSBMA02568)

HP/HPE System Management Homepage SMH is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS7.9AI score0.87264EPSS
Exploits22References4
NVD
NVD
added 2010/09/17 6:0 p.m.21 views

CVE-2010-3011

CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS6.8AI score0.03602EPSS
Exploits0References3
Prion
Prion
added 2010/09/17 6:0 p.m.19 views

Crlf injection

CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS7.4AI score0.03602EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/09/17 5:46 p.m.59 views

CVE-2010-3011

CVE-2010-3011 is a CRLF injection vulnerability in HP System Management Homepage (SMH) prior to 6.2 that can allow remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. The issue affects HP SMH versions before 6.2 and stems from an as‑yet u...

5CVSS7AI score0.03602EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/09/17 5:46 p.m.26 views

CVE-2010-3011

CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

6.8AI score0.03602EPSS
Exploits0References3
securityvulns
securityvulns
added 2010/09/17 12:0 a.m.176 views

[security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02512995 Version: 1 HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, HTTP Response Splitting, and Other Vulnerabilities...

10CVSS0.87264EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2010/09/17 12:0 a.m.179 views

HP System Management Homepage < 6.2 Multiple Vulnerabilities

According to its self-reported version number, the HP System Management Homepage install on the remote host is earlier than 6.2. Such versions are reportedly affected by the following vulnerabilities : - Session renegotiations are not handled properly, which could be exploited to insert arbitrary...

10CVSS7.4AI score0.87264EPSS
Exploits24References17
Prion
Prion
added 2010/09/14 5:0 p.m.17 views

Crlf injection

CRLF injection vulnerability in load.php in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the...

3.5CVSS6.8AI score0.007EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2010/09/14 4:39 p.m.45 views

CVE-2010-0155

The CVE-2010-0155 issue affects IBM Proventia Network Mail Security System (PNMSS) with firmware older than 2.5, specifically the Local Management Interface (LMI). A CRLF injection vulnerability exists in load.php that is exploitable by remote authenticated users via the javaVersion parameter, en...

3.5CVSS6.6AI score0.007EPSS
Exploits1References2Affected Software2
Packet Storm
Packet Storm
added 2010/09/14 12:0 a.m.41 views

Proventia Network Mail Security System CRLF Injection

Security Advisory: MVSA-10-009 / CVE-2010-0155 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: CRLF Injection Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-009 Description Web-based...

3.5CVSS0.2AI score0.007EPSS
Exploits1
Prion
Prion
added 2010/06/29 6:30 p.m.19 views

Crlf injection

CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or...

4.3CVSS7.5AI score0.11567EPSS
Exploits2References6Affected Software1
securityvulns
securityvulns
added 2010/06/28 12:0 a.m.61 views

[SWRX-2010-001] Cisco ASA HTTP Response Splitting Vulnerability

SecureWorks Security Advisory SWRX-2010-001 Cisco ASA HTTP Response Splitting Vulnerability Advisory Information Title: Cisco ASA HTTP Response Splitting Vulnerability Advisory ID: SWRX-2010-001 Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001 Date published: Thursday, June 2...

4.3CVSS6.7AI score0.11567EPSS
Exploits2
Packet Storm
Packet Storm
added 2010/06/26 12:0 a.m.46 views

Cisco ASA HTTP Response Splitting

SecureWorks Security Advisory SWRX-2010-001 Cisco ASA HTTP Response Splitting Vulnerability Advisory Information Title: Cisco ASA HTTP Response Splitting Vulnerability Advisory ID: SWRX-2010-001 Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001 Date published: Thursday, June 2...

4.3CVSS6.7AI score0.11567EPSS
Exploits2
Cisco
Cisco
added 2010/06/25 6:34 p.m.26 views

Cisco ASA Software HTTP Response Splitting Vulnerability

Cisco ASA Software versions prior to 8.12 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability exists due to improper handling of characters within URLs. An unauthenticated, remote attacker could exploit this...

4.3CVSS6.4AI score0.11567EPSS
Exploits2References1
Exploit DB
Exploit DB
added 2010/06/25 12:0 a.m.24 views

Cisco Adaptive Security Response - HTTP Response Splitting

source: https://www.securityfocus.com/bid/41159/info Cisco Adaptive Security Response ASA is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2010/05/05 12:0 a.m.9 views

WordPress Cimy Counter Plugin 0.9.4 - HTTP Response Splitting and Cross-Site Scripting Vulnerabilities

This Cimy Counter plugin is prone to HTTP response-splitting and a cross-site scripting vulnerabilities. It fails properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

0.9AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2010/05/05 12:0 a.m.13 views

WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting

WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/05/05 12:0 a.m.18 views

WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting

source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scrip...

7.4AI score
Exploits0
Rows per page
Query Builder