1014 matches found
DEBIAN-CVE-2016-5691
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of 1 pixel.red, 2 pixel.green, and 3 pixel.blue...
Google Android Package Manage Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA.Package Manager is one of the Android application package files. An information disclosure vulnerability exists in Package Manager in Android 7.0. The vulnerability can be exploited...
UBUNTU-CVE-2016-6718
An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction...
UBUNTU-CVE-2016-7127
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact by providing different signs for the second an...
Palo Alto Networks PAN-OS Denial of Service Vulnerability (CNVD-2016-05079)
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A denial of service vulnerability exists in Palo Alto Networks PAN-OS versions 7.0.1 through 7.0.7. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2016-5433
Citrix iOS Receiver before 7.0 allows attackers to cause TLS certificates to be incorrectly validated via unspecified vectors...
PHP Double Release Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
UBUNTU-CVE-2016-4343
The pharmakedirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service uninitialized pointer dereference or possibly have unspecified other impact via a crafted TAR archi...
Micro Focus Service Desk Arbitrary File Read Vulnerability
Micro Focus Service Desk formerly Novell Service Desk is a service management solution for monitoring and resolving service issues from Micro Focus in the UK. The solution provides incident management, problem management, service catalog definition and management, financial management, knowledge...
Micro Focus Service Desk Cross-Site Scripting Vulnerability
Micro Focus Service Desk formerly Novell Service Desk is a service management solution for monitoring and resolving service issues from Micro Focus in the UK. The solution provides incident management, problem management, service catalog definition and management, financial management, knowledge...
SAP Netwaver XML External Entity Injection Vulnerability
SAP Netwaver is a professional standards-based integrated application platform from SAP. The platform provides components such as portals, application servers and business intelligence solutions. An XML external entity injection vulnerability exists in SAP Netwaver versions prior to 7.01. An...
Lenovo System Update Signature Validation Bypass Vulnerability
Lenovo System Update aka ThinkVantage System Update is a system update software from Lenovo. The service component of Lenovo System Update, SUService.exe, creates a named pipe to provide system update services to low-privileged processes.A security vulnerability in Lenovo System Update software...
TYPO3 Flowplayer Library Cross-Site Scripting Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF maintained by the TYPO3 Association in Switzerland.Flowplayer library is one of the Flash video playback libraries. A cross-site scripting vulnerability exists in the TYPO3 Flowplayer library versions 6.2.0 through 6.2.13...
BSA-2015-003
Summary Security Advisory ID : BSA-2015-003 Component : OpenSSL Revision : 7.0 N/A...
CVE-2015-0386
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191...
PT-2015-3929 · Red Hat · Red Hat Network Satellite +1
Name of the Vulnerable Software and Affected Versions: Red Hat Network Satellite versions prior to 5.7.0 Spacewalk versions prior to 5.7.0 Description: A cross-site scripting XSS issue allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field. This could...
BELL-CVE-2014-8709 CVE-2014-8709 does not affect BellSoft software
Bulletin has no description...
UBUNTU-CVE-2014-1268
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270...
OpenJDK: image conversion out of bounds read (2D, 8014102)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D...
CVE-2012-5220
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors...