Lucene search
K

52 matches found

CVE
CVE
added 2012/09/19 9:0 p.m.51 views

CVE-2012-5003

CVE-2012-5003 concerns nxapplet.jar in No Machine NX Web Companion 3.x and earlier. The update authenticity check is insufficient, allowing a user-assisted remote attacker to execute arbitrary code via a crafted (SiteUrl) or (RedirectUrl) parameter that points to a Trojan Horse client.zip update ...

6.8CVSS7.8AI score0.03153EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2011/11/28 12:0 a.m.19 views

Apple iTunes RCE Vulnerability (HT5030) - Windows

Apple iTunes is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes"...

7.5CVSS6.2AI score0.02617EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2011/08/28 8:22 p.m.1 views

INSECT Pro 2.7 - Penetration testing tool download

INSECT Pro 2.7 - Penetration testing tool download INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solutionis designed to allow organizations of all sizes mitigate, monitor and manage the latest security threats vulnerabilities and implement active...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/21 12:0 a.m.34 views

openSUSE Security Update : w3m (openSUSE-SU-2010:0393-1)

w3m did not handle embedded nul characters in the common name and in subject alternative names of x509 certificates. CVE-2010-2074 has been assigned to this issue. This update also turns on verification of x509 certificates by default which was not the case before. %NASLMINLEVEL 70300 C Tenable...

6.8CVSS7AI score0.01491EPSS
Exploits0References3
NVD
NVD
added 2008/08/01 2:41 p.m.15 views

CVE-2008-3435

LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3
Prion
Prion
added 2008/08/01 2:41 p.m.14 views

Design/Logic Flaw

SpeedBit Download Accelerator Plus DAP before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS8AI score0.0184EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2008/08/01 2:41 p.m.17 views

Design/Logic Flaw

LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.9AI score0.0184EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2008/08/01 2:41 p.m.23 views

CVE-2008-3439

SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.20 views

CVE-2008-3442

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.03758EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2008/08/01 12:0 a.m.40 views

KLA10244 ACE vulnerability in LinkedIn Browser Toolbar

Improper update verification was found in the LinkedIn Browser Toolbar. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products LinkedIn-Internet-Explorer-Toolb...

7.5CVSS7.5AI score0.0184EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2008/08/01 12:0 a.m.7 views

PT-2008-4841 · Apple · Macos X

Name of the Vulnerable Software and Affected Versions: Apple Mac OS X affected versions not specified Description: The issue is related to the improper verification of update authenticity, allowing man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. This can be achiev...

8.1CVSS8.1AI score0.00829EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/09/15 6:49 a.m.43 views

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Two flaws were found in...

10CVSS6.7AI score0.14074EPSS
Exploits1References2
Rows per page
Query Builder