Lucene search
9873 matches found

Symantec
added 2013/05/14 12:0 a.m. | 32 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1333 Local Privilege Escalation Vulnerability

Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a buffer-overflow error. A local attacker can exploit this issue to escalate privileges and perform unauthorized actions. Technologies Affected: Avaya CallPilot 4.0 Avaya...

CVSS 7.2 | AI score 0.4 | EPSS 0.02145
Exploits 1 | Affected Software 11
Symantec
added 2013/05/14 12:0 a.m. | 36 views

Microsoft Internet Explorer JSON Array CVE-2013-1297 Information Disclosure Vulnerability

Description: Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 6, 7, and 8 are vulnerable. Technologies Affected: Avaya Aura Conferencing Standard Avaya...

CVSS 4.3 | AI score 8.5 | EPSS 0.16777
Exploits 0 | Affected Software 2
Symantec
added 2013/05/14 12:0 a.m. | 33 views

Microsoft Internet Explorer CVE-2013-1307 Use-After-Free Remote Code Execution Vulnerability

Description: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

CVSS 9.3 | AI score 0.5 | EPSS 0.20643
Exploits 0 | Affected Software 2
Symantec
added 2013/05/14 12:0 a.m. | 37 views

Microsoft Windows DirectX Graphics Kernel CVE-2013-1332 Local Privilege Escalation Vulnerability

Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that is related to DirectX Graphics Kernel Subsystem. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of...

CVSS 7.2 | AI score 0.3 | EPSS 0.01878
Exploits 1 | Affected Software 13
OpenVAS
added 2013/05/13 12:0 a.m. | 31 views

Fedora Update for plexus-archiver FEDORA-2013-5548

Check for the Version of plexus-archiver. OpenVAS Vulnerability Test: Fedora Update for plexus-archiver FEDORA-2013-5548. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

CVSS 5 | AI score 6.6 | EPSS 0.12608
Exploits 1 | References 2
Fedora
added 2013/05/11 3:16 a.m. | 37 views

[SECURITY] Fedora 19 Update: plexus-archiver-2.3-1.fc19

The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...

CVSS 5 | AI score 0.7 | EPSS 0.12608
Exploits 1
Fedora
added 2013/05/11 12:27 a.m. | 30 views

[SECURITY] Fedora 18 Update: plexus-archiver-2.3-1.fc18

The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...

CVSS 5 | AI score 0.7 | EPSS 0.12608
Exploits 1
Fedora
added 2013/05/11 12:26 a.m. | 28 views

[SECURITY] Fedora 17 Update: plexus-archiver-2.3-1.fc17

The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...

CVSS 5 | AI score 0.7 | EPSS 0.12608
Exploits 1
Tenable Nessus
added 2013/05/04 12:0 a.m. | 79 views

Trellix ePolicy Orchestrator Application Server Detection

ePolicy Orchestrator (ePO) Application Server, a web interface for ePO, was detected on the remote host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(66318); script_version("1.11"); script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/14");...

AI score 5.5
Exploits 0 | References 1
seebug.org
added 2013/04/26 12:0 a.m. | 21 views

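JBoss 4.2.0 JMXInvoker Code Execution Vulnerability

JBoss is an open-source application server based on J2EE. Version 4.2.0 enables JMXInvoker by default; an attacker can use JMXInvoker to deploy a WAR, thereby remotely deploying malicious code. JBoss 4.2.0...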

AI score 7.1
Exploits 0
seebug.org
added 2013/04/25 12:0 a.m. | 12 views

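JBoss 4.2.0 WebConsole/Invoker Code Execution Vulnerability

JBoss is an open-source application server based on J2EE. Version 4.2.0 enables WebConsole; an attacker can use WebConsole/Invoker to deploy a WAR, thereby remotely deploying malicious code. JBoss 4.2.0...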

AI score 7.1
Exploits 0
NVD
added 2013/04/24 10:28 a.m. | 16 views

CVE-2013-0543

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote attackers to bypass intended access restrictions...

CVSS 6.8 | AI score 6.3 | EPSS 0.02532
Exploits 0 | References 3
NVD
added 2013/04/24 10:28 a.m. | 18 views

CVE-2013-0565

Cross-site scripting (XSS) vulnerability in the RPC adapter for the Web 2.0 and Mobile toolkit in IBM WebSphere Application Server (WAS) 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted response...

CVSS 4.3 | AI score 5.5 | EPSS 0.01812
Exploits 0 | References 3
Prion
added 2013/04/24 10:28 a.m. | 23 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via crafted field values...

CVSS 4.3 | AI score 5.9 | EPSS 0.01812
Exploits 0 | References 3 | Affected Software 1
Prion
added 2013/04/24 10:28 a.m. | 17 views

Directory traversal

Directory traversal vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux and UNIX allows remote authenticated users to modify data via unspecified vectors...

CVSS 4 | AI score 6.3 | EPSS 0.03147
Exploits 0 | References 3 | Affected Software 1
Prion
added 2013/04/24 10:28 a.m. | 16 views

Authentication flaw

IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session...

CVSS 3.5 | AI score 6.7 | EPSS 0.016
Exploits 0 | References 3 | Affected Software 1
Prion
added 2013/04/24 10:28 a.m. | 15 views

Design/Logic Flaw

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote attackers to bypass intended access restrictions...

CVSS 6.8 | AI score 6.9 | EPSS 0.02532
Exploits 0 | References 3 | Affected Software 1
Prion
added 2013/04/24 10:28 a.m. | 17 views

Buffer overflow

Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manager (WIM), allows local users to cause a denial of service (daemon crash)...

CVSS 1.9 | AI score 6.6 | EPSS 0.00381
Exploits 0 | References 3 | Affected Software 1
CVE
added 2013/04/24 10:0 a.m. | 68 views

CVE-2013-0540

CVE-2013-0540: IBM WebSphere Application Server Liberty Profile 8.5 before 8.5.0.2 has an authentication cookie validation flaw when SSL is not enabled, allowing remote authenticated users to bypass access controls via an HTTP session. The connected IBM advisories indicate the remediation is to ...

CVSS 3.5 | AI score 8.9 | EPSS 0.016
Exploits 0 | References 3 | Affected Software 1
CVE
added 2013/04/24 10:0 a.m. | 63 views

CVE-2013-0543

CVE-2013-0543 affects IBM WebSphere Application Server (WAS) across 6.1 (pre-6.1.0.47), 7.0 (pre-7.0.0.29), 8.0 (pre-8.0.0.6), and 8.5 (pre-8.5.0.2) on Linux, Solaris, and HP-UX. Root cause: improper validation of a user via Local OS registries allows remote bypass of access controls. Remediation...

CVSS 6.8 | AI score 9 | EPSS 0.02532
Exploits 0 | References 3 | Affected Software 1