Lucene search
+L

197 matches found

Prion
Prion
added 2012/02/15 10:55 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism...

9.3CVSS5.9AI score0.03852EPSS
Exploits0References8Affected Software2
UbuntuCve
UbuntuCve
added 2012/02/15 10:55 p.m.34 views

CVE-2012-0504

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism...

9.3CVSS5.9AI score0.03852EPSS
Exploits0References3
Cvelist
Cvelist
added 2012/02/15 10:0 p.m.36 views

CVE-2012-0504

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism...

5.5AI score0.03852EPSS
Exploits0References8
CVE
CVE
added 2012/02/15 10:0 p.m.308 views

CVE-2012-0504

Technical details for CVE-2012-0504 are not publicly provided in the supplied documents. No affected product/version or root cause is specified here. Monitor for updates in the connected sources.

9.3CVSS5.6AI score0.03852EPSS
Exploits0References8Affected Software1
ThreatPost
ThreatPost
added 2012/02/07 6:34 p.m.15 views

Google to Stop Using Online CRL Checks for Chrome

In the face of mounting evidence that the CA system is inherently flawed, Google officials are in the process of making changes to the way Chrome handles certificate revocations, and no longer will be using online revocation checks. Instead, Chrome will use the existing update system in the brows...

6.8AI score
Exploits0References3
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.74 views

[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...

9.3CVSS1.2AI score0.02381EPSS
Exploits1
Packet Storm
Packet Storm
added 2011/12/08 12:0 a.m.57 views

Restorepoint 3.2-Evaluation Remote Root Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...

9.3CVSS0.3AI score0.02381EPSS
Exploits1
seebug.org
seebug.org
added 2011/11/16 12:0 a.m.28 views

Apple iTunes 10.x软件更新伪造漏洞

CVE ID:CVE-2008-3434 Apple iTunes是一款用于Mac和PC的一款免费应用程序。它可以播放你的全部音乐和视频内容。 Apple iTunes存在一个安全漏洞,允许恶意用户进行伪造攻击。 使用HTTP请求检查新的更新时软件升级机制存在缺陷,攻击者可以利用漏洞通过中间人攻击伪造更新。 要成功利用漏洞需要目标系统没有安装Apple Software Update。 Apple iTunes 10.x 厂商解决方案 Apple iTunes 10.5.1已经修复此漏洞,建议用户下载使用: http://www.apple.com...

7.5CVSS6.5AI score0.02617EPSS
Exploits1
securityvulns
securityvulns
added 2011/09/16 12:0 a.m.63 views

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: September 13, 2011 Vulnerability identifier: APSB11-24 CVE numbers: CVE-2011-1353, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,...

9.3CVSS0.7AI score0.07964EPSS
Exploits12
ThreatPost
ThreatPost
added 2011/04/14 2:47 p.m.10 views

Adobe to Patch Flash Zero Day on Windows, Mac on Friday

Adobe is planning to patch the recently disclosed Flash Player vulnerability on Friday for users on Windows, Mac OS X and Linux. The vulnerability is being used in targeted attacks right now that use malicious Word documents. Adobe said on Wednesday night that it plans to push out the Flash Playe...

1AI score
Exploits0References3
securityvulns
securityvulns
added 2011/02/11 12:0 a.m.81 views

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: February 8, 2011 Vulnerability identifier: APSB11-03 CVE Numbers: CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0564, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0568, CVE-2011-0570, CVE-2011-0585,...

9.3CVSS1.3AI score0.4954EPSS
Exploits2
OpenVAS
OpenVAS
added 2011/01/21 12:0 a.m.22 views

ICQ 7 Instant Messaging Client RCE Vulnerability

ICQ is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.02547EPSS
Exploits0References3
Prion
Prion
added 2011/01/18 6:3 p.m.15 views

Code injection

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetched through an automatic-update mechanism...

9.3CVSS7.9AI score0.02547EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2011/01/18 12:0 a.m.37 views

Remote Code Execution in ICQ 7

SUMMARY The ICQ 7 instant messaging client allows remote code execution due to a flaw in its automatic update mechanism. VULNERABLE APPLICATIONS All versions of ICQ 7 for Windows, up to version 7.2, build 3525 which is the current version ICQ 6 and older versions were not tested. Other ICQ client...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/14 12:0 a.m.33 views

ICQ 7 Failed Origin Check

SUMMARY The ICQ 7 instant messaging client allows remote code execution due to a flaw in its automatic update mechanism. VULNERABLE APPLICATIONS All versions of ICQ 7 for Windows, up to version 7.2, build 3525 which is the current version ICQ 6 and older versions were not tested. Other ICQ client...

Exploits0
ThreatPost
ThreatPost
added 2009/09/11 12:11 p.m.12 views

Mozilla Plugs Drive-By Download Holes in Firefox

Mozilla has released a new version of its flagship Firefox browser to fix 10 vulnerabilities that put Web surfers at risk of code execution attacks. The Firefox 3.5.3 update — available for Windows, Mac and Linux users — patches security holes that could allow drive-by download attacks if a user...

2.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2009/08/25 3:1 p.m.8 views

80% of Web Users Running Unpatched Versions of Flash/Acrobat

From ZDNet Dancho Danchev According to a research published by Trusteer earlier this month, 79.5% of the 2.5 million users of their Rapport security service run a vulnerable version of Adobe Flash, with 83.5% also running a vulnerable version of Acrobat. The company has also criticized Adobe by...

0.6AI score
Exploits0References3
Rows per page
Query Builder