6702 matches found
OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI...
CVE-2014-1723
The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text...
Design/Logic Flaw
The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text...
CVE-2014-1723
CVE-2014-1723 corresponds to a vulnerability in Google Chrome prior to version 34.0.1847.116 where the UnescapeURLWithOffsetsImpl function in net/base/escape.cc failed to correctly handle bidirectional IRIs, enabling remote attackers to spoof URLs via crafted RTL Unicode text. Public fixes are re...
Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)
There exists a vulnerability in Squid Web Proxy Cache in the processing of DNS lookups. The flaw is caused by predictable transaction identifiers in DNS requests generated by Squid. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the targe...
CVE-2014-2121
The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643...
libXfont: Multiple vulnerabilities
Background: libXfont is an X11 font rasterisation library. Description: Multiple vulnerabilities have been discovered in libXfont. Please review the CVE identifiers referenced below for details. Impact: A local attacker could use a specially crafted file to gain privileges or cause a Denial of Servi...
CVE-2014-0502
creationtimestamp | type | source
---|---|---
2014-02-20 19:37:09+00:00 | seen | MISP/530658f2-c4b0-4ef9-b374-22040aa69d0b
2014-02-24 07:34:19+00:00 | seen | MISP/530af43c-a1f8-4160-990a-44ef950d2109
2014-02-25 07:01:38+00:00 | seen | MISP/530c3f1c-7348-42d6-b567-db98950d2109
2014-05-17 11:51:26+00:00 | ...
GLSA-201402-16 : FreeType: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201402-16 (FreeType: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact: A context-dependent attacker could entice a user to...
CVE-2013-6482
Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header...
Adobe Flash Player: Multiple vulnerabilities
Background: The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description: Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact: A...
GLSA-201401-11 : Perl, Locale Maketext Perl module: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201401-11 (Perl, Locale Maketext Perl module: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for details. Impact:...
NTP: Traffic amplification
Background: NTP is a protocol designed to synchronize the clocks of computers over a network. The net-misc/ntp package contains the official reference implementation by the NTP Project. Description: ntpd is susceptible to a reflected Denial of Service attack. Please review the CVE identifiers and...
DEBIAN-CVE-2013-6419
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1)...
GLSA-201311-17 : Perl: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201311-17 (Perl: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Perl. Please review the CVE identifiers referenced below for details. Impact: A local attacker could cause a Denial of Service condition or...
rssh: Access restriction bypass
Background: rssh is a restricted shell, allowing only a few commands like scp or sftp. It is often used as a complement to OpenSSH to provide limited access to users. Description: Multiple command line parsing and validation vulnerabilities have been discovered in rssh. Please review the CVE...
Zabbix: Multiple vulnerabilities
Background: Zabbix is software for monitoring applications, networks, and servers. Description: Multiple vulnerabilities have been discovered in Zabbix. Please review the CVE identifiers referenced below for details. Impact: A remote attacker may be able to execute arbitrary SQL statements, cause a...
GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201311-10 (GraphicsMagick: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user to...