Grails resources plug-in WEB-INF / META-INF File Disclosure
The remote web server uses a version of Grails, an open source web application framework for JVM, that is affected by an information disclosure vulnerability. Specifically, its 'resources' plug-in fails to restrict access to resources located under an application's 'WEB-INF' and 'META-INF'...
RHEL 5 / 6 : flash-plugin (RHSA-2014:0196)
The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2014:0196 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple...
RedHat Update for pidgin RHSA-2014:0139-01
Check for the Version of pidgin OpenVAS Vulnerability Test RedHat Update for pidgin RHSA-2014:0139-01 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CVE-2011-3377
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a...
flash-plugin: integer underflow flaw leads to arbitrary code execution (APSB14-04)
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors...
How to reinstall vSphere Web Client plug-in for Veeam Backup & Replication
Article Applicability This article is regarding the Local vSphere Client Plug-in only. Veeam Backup Enterprise Manager offers the following configurations of the vSphere Client plug-in: Local vSphere Client Plug-in -- For vSphere Client 7.0.0.x or earlier, the plug-in is installed locally on the...
Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140115)
An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Discuz plug-in arbitrary File Download vulnerability-vulnerability warning-the black bar safety net
A txt/Word online preview plug-in. Plug-in address: http://www.discuz.net/forum.php?mod=viewthread&tid=3169556 $doc=$_GET['doc']; $doc="../../../".$doc; $filename=$_GET['filename']; $ext=$_GET['ext']; //set file type if($ext=='doc') $ext="application/msword"; if($ext=='xls')...
Discuz a plug-in to any local download vulnerability-vulnerability warning-the black bar safety net
Author: y0umer. Plug-in download address: http://www.discuz.net/forum.php?mod=viewthread&tid=3169556 Then look at the code: $doc=$_GET['doc']; $doc="../../../".$doc; $filename=$_GET['filename']; $ext=$_GET['ext']; //Set the file type if($ext=='doc') $ext="application/msword"; if($ext=='xls')...
DEBIAN-CVE-2013-1913
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window Syste...
DEBIAN-CVE-2013-1978
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map...
PT-2013-1157 · Gnu +3 · Gimp +3
Name of the Vulnerable Software and Affected Versions: GIMP versions 2.6.9 and earlier Description: The issue is related to an integer overflow in the load image function in the X Window Dump XWD plug-in. This can be triggered by a large color entries value in an X Window System XWD image dump,...
PT-2013-1158 · Gnu +4 · Gimp-Debuginfo +5
Name of the Vulnerable Software and Affected Versions: GIMP versions 2.6.9 and earlier gimp-debuginfo version 2.2.13 Description: The issue is related to a heap-based buffer overflow in the read xwd cols function in the X Window Dump XWD plug-in, which can be exploited by remote attackers using a...
RHEL 5 / 6 : flash-plugin (RHSA-2013:1518)
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...
Debian DSA-2785-1 : chromium-browser - several vulnerabilities
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. - CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. - CVE-2013-2908 Chamal de Silva discovered an address bar...
CVE-2013-2912
Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...