Lucene search
K

71 matches found

ThreatPost
ThreatPost
added 2017/04/25 12:36 p.m.42 views

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs

Adobe today released an important security hotfix for several versions of its ColdFusion rapid web application development platform. The company said the update addresses an input validation vulnerability CVE-2017-3008 in the software that could be used in reflected cross-site scripting XSS...

4.3CVSS2.1AI score0.03094EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2016/08/24 12:0 a.m.29 views

Microsoft Exchange Server Information Disclosure Vulnerability (3160339)

This host is missing an important security update according to Microsoft Bulletin MS16-079. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

5.5CVSS6.1AI score0.22554EPSS
Exploits0References2
Prion
Prion
added 2016/06/16 1:59 a.m.15 views

Information disclosure

Outlook Web Access OWA in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka...

4.3CVSS6.5AI score0.22554EPSS
Exploits0References2
0day.today
0day.today
added 2014/04/09 12:0 a.m.92 views

Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow

Exploit for linux platform in category remote exploits source: http://www.securityfocus.com/bid/24832/info Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently...

6.8CVSS6.5AI score0.12273EPSS
Exploits2
0day.today
0day.today
added 2014/02/17 12:0 a.m.19 views

Java 7 Update 11 vulnerability to download and execute

Java 7 Update 11 vulnerability to download and execute. With this applet you can boot from a remote host and execute the file, bypassing pisochnitsy java, also affected and older. Usage Info All material is provided with source code, and you will be able to easily assemble ready exploit replacing...

7.1AI score
Exploits0
Prion
Prion
added 2013/07/10 10:55 a.m.22 views

Code injection

Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components CFC public methods via WebSockets...

10CVSS7AI score0.07563EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2013/07/10 10:0 a.m.29 views

CVE-2013-3350

Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components CFC public methods via WebSockets...

6.5AI score0.07563EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2013/05/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-1389

Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 10 before Update 10 allows remote attackers to execute arbitrary code via unknown vectors...

10CVSS6.2AI score0.0613EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2013/02/22 12:0 a.m.73 views

Oracle Java SE 7 < Update 11 Multiple Vulnerabilities (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 11 and is, therefore, potentially affected by the following security issues : - An unspecified issue exists in the Libraries component. CVE-2012-3174 - An error exists in the...

10CVSS9.1AI score0.97612EPSS
Exploits38References4
OpenVAS
OpenVAS
added 2013/02/06 12:0 a.m.28 views

Oracle Java SE Unspecified Vulnerability - Feb 13 (Windows)

This host is installed with Oracle Java SE and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gboraclejavaseunspecifiedvulnfeb13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Unspecified Vulnerability - Feb 13 Windows Authors: Arun Kallavi Copyright: Copyright c...

4.3CVSS1.1AI score0.02701EPSS
Exploits0References3
Prion
Prion
added 2013/02/02 12:55 a.m.26 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

10CVSS5.9AI score0.08087EPSS
Exploits0References27Affected Software2
Prion
Prion
added 2013/02/02 12:55 a.m.35 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...

10CVSS5.8AI score0.08087EPSS
Exploits0References27Affected Software2
Prion
Prion
added 2013/02/02 12:55 a.m.31 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

10CVSS5.8AI score0.08087EPSS
Exploits0References26Affected Software2
Prion
Prion
added 2013/02/02 12:55 a.m.22 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

5CVSS5.8AI score0.05205EPSS
Exploits0References25Affected Software2
Prion
Prion
added 2013/02/02 12:55 a.m.15 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX...

5CVSS6AI score0.04856EPSS
Exploits0References15Affected Software2
Prion
Prion
added 2013/02/02 12:55 a.m.18 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...

7.6CVSS6.2AI score0.0671EPSS
Exploits0References14Affected Software2
UbuntuCve
UbuntuCve
added 2013/02/02 12:55 a.m.24 views

CVE-2013-1479

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

10CVSS5.9AI score0.06015EPSS
Exploits0References4
CVE
CVE
added 2013/02/02 12:0 a.m.100 views

CVE-2013-0449

CVE-2013-0449 is an unspecified vulnerability in the Oracle Java SE 7 JRE (Deployment area) up to Update 11 that could allow remote confidentiality impact. Public details in provided documents are limited; no exploitation specifics are given. Remediation across connected advisories generally invo...

5CVSS5.3AI score0.03839EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2013/02/02 12:0 a.m.126 views

CVE-2012-3342

CVE-2012-3342 is listed in IBM security advisories as part of a set of Java/JRE related flaws. IBM reports affected products as IBM WebSphere ILOG JRules V7.1.1 (Windows with a provided JDK) and IBM Operational Decision Manager V7.5/V8.0 (all distributed platforms). Remediation is via APAR RS0128...

10CVSS5.6AI score0.08325EPSS
Exploits0References14Affected Software1
CVE
CVE
added 2013/02/02 12:0 a.m.123 views

CVE-2013-1473

CVE-2013-1473 is described as an unspecified vulnerability in the JRE Deployment component of Oracle Java SE 7 (up to Update 11) and Java SE 6 (up to Update 38). Connected IBM bulletins identify this CVE among a set of IBM JRE/JRules/ODM vulnerabilities and provide remediation: RS01283 with Windo...

5CVSS5.4AI score0.05487EPSS
Exploits0References14Affected Software1
Rows per page
Query Builder