Lucene search
+L

50 matches found

redhat
redhat
added 2014/04/17 9:28 a.m.6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS6.8AI score0.04976EPSS
Exploits0References5
redhat
redhat
added 2014/04/17 9:28 a.m.6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS6.8AI score0.04976EPSS
Exploits0References5
redhat
redhat
added 2014/04/16 11:34 a.m.6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7.1AI score0.04976EPSS
Exploits0References5
redhat
redhat
added 2014/04/16 11:24 a.m.5 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7.1AI score0.04976EPSS
Exploits0References5
redhat
redhat
added 2014/04/16 11:23 a.m.4 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7.1AI score0.04976EPSS
Exploits0References5
osv
osv
added 2014/04/15 12:0 a.m.6 views

UBUNTU-CVE-2014-2414

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7AI score0.04976EPSS
Exploits0References5
redhat
redhat
added 2014/04/03 9:19 p.m.7 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
redhat
redhat
added 2014/03/03 6:25 p.m.6 views

Framework: XML External Entity (XXE) injection flaw

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in...

6.8CVSS7.3AI score0.26467EPSS
Exploits1References7
openvas
openvas
added 2014/02/11 12:0 a.m.37 views

Mozilla Firefox ESR Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

10CVSS9.1AI score0.07072EPSS
Exploits9References10
openvas
openvas
added 2014/02/11 12:0 a.m.35 views

Mozilla Firefox ESR Multiple Vulnerabilities-01 (Feb 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

10CVSS9.1AI score0.07072EPSS
Exploits9References10
openvas
openvas
added 2014/02/11 12:0 a.m.41 views

SeaMonkey Multiple Vulnerabilities-01 (Feb 2014) - Windows

SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...

10CVSS9.1AI score0.07072EPSS
Exploits11References15
openvas
openvas
added 2014/02/11 12:0 a.m.43 views

SeaMonkey Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X

SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...

10CVSS9.1AI score0.07072EPSS
Exploits11References15
openvas
openvas
added 2014/02/11 12:0 a.m.73 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

10CVSS9AI score0.07072EPSS
Exploits9References10
openvas
openvas
added 2014/02/11 12:0 a.m.35 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Feb 2014) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

10CVSS9AI score0.07072EPSS
Exploits9References10
openvas
openvas
added 2014/02/11 12:0 a.m.35 views

Mozilla Firefox Multiple Vulnerabilities-01 (Feb 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS9.1AI score0.07072EPSS
Exploits11References16
nessus
nessus
added 2014/02/05 12:0 a.m.34 views

Firefox ESR 24.x < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to...

10CVSS7.2AI score0.07072EPSS
Exploits9References16
nessus
nessus
added 2014/02/05 12:0 a.m.43 views

Thunderbird < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to System...

10CVSS8AI score0.07072EPSS
Exploits9References16
mozilla
mozilla
added 2014/02/04 12:0 a.m.64 views

Clone protected content with XBL scopes — Mozilla

Security researcher Cody Crews reported a method to bypass System Only Wrappers SOW by using XML Binding Language XBL content scopes to clone protected XUL elements. This could be used to clone anonymous nodes, making trusted XUL content web accessible...

7.5CVSS8.5AI score0.04602EPSS
Exploits1References2Affected Software4
redhat
redhat
added 2013/09/17 7:15 p.m.5 views

Mozilla: Compartment mismatch re-attaching XBL-backed nodes (MFSA 2013-88)

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of...

6.8CVSS6.9AI score0.02251EPSS
Exploits0References5
spring
spring
added 2013/08/22 12:0 a.m.7 views

XML eXternal Entity (XXE) injection in Spring Framework

The Spring OXM wrapper did not expose any property for disabling entity resolution when using the JAXB unmarshaller. There are four possible source implementations passed to the unmarshaller: DOMSource, StAXSource, SAXSource and StreamSource. For a DOMSource, the XML has already been parsed by us...

6.8CVSS8.2AI score0.26467EPSS
Exploits1References1
Rows per page
Query Builder