Lucene search
K

9873 matches found

Tenable Nessus
Tenable Nessus
added 2013/08/23 12:0 a.m.77 views

IBM WebSphere Application Server 8.0 < Fix Pack 7 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 before Fix Pack 7 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists related to Apache Ant and file compression that could lead to denial of service conditions. CVE-2012-2098 /...

7.5CVSS7.3AI score0.35584EPSS
Exploits6References15
NVD
NVD
added 2013/08/21 9:55 p.m.20 views

CVE-2013-2967

Cross-site scripting XSS vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.5AI score0.02102EPSS
Exploits0References3
NVD
NVD
added 2013/08/21 9:55 p.m.21 views

CVE-2013-2976

The Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors...

1.9CVSS7AI score0.00354EPSS
Exploits0References3
Prion
Prion
added 2013/08/21 9:55 p.m.13 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert...

6.8CVSS6.5AI score0.00979EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2013/08/21 9:55 p.m.18 views

Information disclosure

The Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors...

1.9CVSS5.9AI score0.00354EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/08/21 9:0 p.m.29 views

CVE-2013-2976

The Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors...

7AI score0.00354EPSS
Exploits0References3
CVE
CVE
added 2013/08/21 9:0 p.m.62 views

CVE-2013-4005

CVE-2013-4005 is an IBM WebSphere Application Server cross-site scripting (XSS) vulnerability in the Administrative Console caused by improper validation of input. A remote authenticated attacker could inject script via unspecified fields. Affected WAS versions include 6.1 (6.1.0.45 and earlier),...

3.5CVSS7AI score0.01449EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/08/21 9:0 p.m.25 views

CVE-2013-4005

Cross-site scripting XSS vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified fields...

5.1AI score0.01449EPSS
Exploits0References4
CVE
CVE
added 2013/08/21 9:0 p.m.62 views

CVE-2013-2976

CVE-2013-2976 : IBM WebSphere Application Server’s Administrative Console caches data in a way that lets local users obtain sensitive information. Affected versions include WAS 6.1, 7.0, and 8.x (including 8.0/8.5). The issue is a local information-disclosure via caching; no exploit vectors are s...

1.9CVSS7.4AI score0.00354EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/08/21 9:0 p.m.68 views

CVE-2013-4004

CVE-2013-4004 — IBM WebSphere Application Server XSS in Admin Console Issue: Cross-site scripting (XSS) in the Administrative Console of IBM WebSphere Application Server. Remote authenticated users can inject script/HTML via unspecified vectors. Affected versions (per initial description): IBM We...

3.5CVSS6.9AI score0.01449EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2013/08/16 4:55 p.m.25 views

CVE-2013-4213

Red Hat JBoss Enterprise Application Platform EAP 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client...

6.4CVSS5.9AI score0.02473EPSS
Exploits1References2
Symantec
Symantec
added 2013/08/13 12:0 a.m.38 views

Microsoft Windows Uniscribe Font Parsing CVE-2013-3181 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the...

9.3CVSS7.2AI score0.20444EPSS
Exploits1Affected Software9
Symantec
Symantec
added 2013/08/13 12:0 a.m.29 views

Microsoft Internet Explorer CVE-2013-3187 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...

9.3CVSS0.2AI score0.19338EPSS
Exploits1References1Affected Software3
Symantec
Symantec
added 2013/08/13 12:0 a.m.37 views

Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 7, 8, 9, and 10 are...

9.3CVSS6.9AI score0.58427EPSS
Exploits8References1Affected Software3
Symantec
Symantec
added 2013/08/13 12:0 a.m.22 views

Microsoft Windows Kernel CVE-2013-3198 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2CVSS1.8AI score0.02079EPSS
Exploits0References1Affected Software5
Symantec
Symantec
added 2013/08/13 12:0 a.m.23 views

Microsoft Internet Explorer CVE-2013-3199 Use After Free Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a use-after-free memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7...

9.3CVSS7AI score0.19338EPSS
Exploits0References1Affected Software3
Symantec
Symantec
added 2013/08/13 12:0 a.m.29 views

Microsoft Internet Explorer CVE-2013-3186 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with elevated privileges. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot...

7.6CVSS0.2AI score0.10213EPSS
Exploits1References2Affected Software3
Symantec
Symantec
added 2013/08/13 12:0 a.m.28 views

Microsoft Internet Explorer CVE-2013-3189 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8 and 9 are affecte...

9.3CVSS0.2AI score0.20058EPSS
Exploits0References1Affected Software3
Symantec
Symantec
added 2013/08/13 12:0 a.m.27 views

Microsoft Windows Kernel CVE-2013-3196 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2CVSS1.8AI score0.02079EPSS
Exploits1References1Affected Software5
Tenable Nessus
Tenable Nessus
added 2013/08/11 12:0 a.m.115 views

Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities

According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities. Note that Nessus did not verify if patches or workarounds have been applied. C Tenable Network Security, Inc. include"compat.inc"; if description...

10CVSS7.1AI score0.94248EPSS
Exploits26References15
Rows per page
Query Builder