128 matches found
CVE-2014-5375
The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 does not properly validate the message owner matches the submitting user, which allows remote authenticated users to impersonate arbitrary users via the UserId and Owner tags...
Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple XSS Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10402/info It has been reported that Liferay Enterprise Portal is susceptible to multiple cross-site scripting and HTML injection vulnerabilities. User-supplied data from many input fields is included in server generated...
Amazon Linux AMI : mesa (ALAS-2013-198)
An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs Mozilla Firefox does this, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
MGASA-2013-0190 Updated mesa packages fix multiple vulnerabilties
An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs Mozilla Firefox does this, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
CentOS Update for glx-utils CESA-2013:0897 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : mesa on SL6.x i386/x86_64 (20130603)
An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs Mozilla Firefox does this, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
keystone: online validation of Keystone PKI tokens bypasses revocation check
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
Watson Management Console 4.11.2.G - Directory Traversal
Exploit Title: Watson Management Console Directory Traversal Vulnerability Google Dork: allintitle:Watson Management Console Contacted Vendor : 17/12/2012 as well as 31/12/2012 The Vendor Did Not Respond . Date: 1/2/2013 Exploit Author: Dhruv Shah Vendor Homepage: http://www.schmid-telecom.com/...