Lucene search
K

9873 matches found

Symantec
Symantec
added 2013/02/12 12:0 a.m.33 views

Microsoft Windows 'Win32k.sys' CVE-2013-1258 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
added 2013/02/12 12:0 a.m.27 views

Microsoft Windows 'Win32k.sys' CVE-2013-1248 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.7AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
added 2013/02/12 12:0 a.m.34 views

Microsoft .NET Framework CVE-2013-0073 Remote Privilege Escalation Vulnerability

Description The Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. Successful exploits may allow an attacker to execute arbitrary code with elevated privileges; this may result in the attacker gaining complete control of the affected system. Technologies Affected...

10CVSS7.4AI score0.29632EPSS
Exploits0Affected Software9
Symantec
Symantec
added 2013/02/12 12:0 a.m.24 views

Microsoft Windows 'Win32k.sys' CVE-2013-1275 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01047EPSS
Exploits0Affected Software13
Symantec
Symantec
added 2013/02/12 12:0 a.m.42 views

Microsoft Windows 'Win32k.sys' CVE-2013-1273 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01525EPSS
Exploits0Affected Software13
Symantec
Symantec
added 2013/02/12 12:0 a.m.33 views

Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution Vulnerability

Description Microsoft Windows Object Linking and Embedding OLE Automation is prone to a remote code-execution vulnerability due to an integer overflow error. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage or a specially crafted file. Successful...

0.6AI score
Exploits0Affected Software3
Symantec
Symantec
added 2013/02/12 12:0 a.m.35 views

Microsoft Windows 'Win32k.sys' CVE-2013-1265 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01047EPSS
Exploits0Affected Software13
RedHat Linux
RedHat Linux
added 2013/02/11 5:59 p.m.44 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0 CP10 security update

An update for JBoss Enterprise Application Platform 4.3.0 CP10 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

7.5CVSS5.8AI score0.02344EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/02/04 11:28 p.m.30 views

Moderate: Red Hat Security Advisory: rhevm 3.1.2 security and bug fix update

Updated rhevm packages that fix two security issues and various bugs are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

4CVSS5.8AI score0.01919EPSS
Exploits0References29
NVD
NVD
added 2013/01/27 6:55 p.m.20 views

CVE-2013-0458

Cross-site scripting XSS vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2, when login security is disabled, allows remote attackers to inject arbitrary web script or HTML via...

4.3CVSS5.5AI score0.01812EPSS
Exploits0References3
NVD
NVD
added 2013/01/27 6:55 p.m.22 views

CVE-2013-0461

Cross-site scripting XSS vulnerability in the virtual member manager VMM administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecifi...

4.3CVSS5.4AI score0.01812EPSS
Exploits0References3
NVD
NVD
added 2013/01/27 6:55 p.m.25 views

CVE-2013-0460

Cross-site request forgery CSRF vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47 and 7.0 before 7.0.0.27 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site...

6.8CVSS6.2AI score0.00979EPSS
Exploits0References3
NVD
NVD
added 2013/01/27 6:55 p.m.24 views

CVE-2013-0462

Unspecified vulnerability in IBM WebSphere Application Server WAS 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors...

10CVSS6.2AI score0.01816EPSS
Exploits0References1
NVD
NVD
added 2013/01/27 6:55 p.m.25 views

CVE-2013-0459

Cross-site scripting XSS vulnerability in the Administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.4AI score0.01812EPSS
Exploits0References3
CVE
CVE
added 2013/01/27 6:0 p.m.68 views

CVE-2013-0458

CVE-2013-0458 is an XSS in IBM WebSphere Application Server Administrative Console when login security is disabled. Affected products/versions: WAS 6.1 prior to 6.1.0.47, WAS 7.0 prior to 7.0.0.27, WAS 8.0 prior to 8.0.0.6, and WAS 8.5 prior to 8.5.0.2. Remediation per IBM advisories PM71139/PM71...

4.3CVSS7.4AI score0.01812EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/01/27 6:0 p.m.23 views

CVE-2013-0462

Unspecified vulnerability in IBM WebSphere Application Server WAS 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors...

6.1AI score0.01816EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/01/27 6:0 p.m.25 views

CVE-2013-0461

Cross-site scripting XSS vulnerability in the virtual member manager VMM administrative console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecifi...

5.3AI score0.01812EPSS
Exploits0References3
CVE
CVE
added 2013/01/27 6:0 p.m.75 views

CVE-2013-0460

CVE-2013-0460: IBM WebSphere Application Server contains a CSRF vulnerability in the portlet-based administrative console. An attacker could hijack user authentication and inject XSS sequences via requests to vulnerable portlets in WAS 6.1 up to 6.1.0.46 and 7.0 up to 7.0.0.26. Root cause: improp...

6.8CVSS8.7AI score0.00979EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/01/27 6:0 p.m.71 views

CVE-2013-0459

CVE-2013-0459 is an XSS vulnerability in the IBM WebSphere Application Server administrative console. The flaw allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Affected versions include WAS 6.1 prior to 6.1.0.47, WAS 7.0 prior to 7.0.0.27, WAS 8.0 prior to 8.0.0.6,...

4.3CVSS7.3AI score0.01812EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/01/27 6:0 p.m.64 views

CVE-2013-0461

CVE-2013-0461 is an XSS in WebSphere Application Server's Virtual Member Manager (VMM) Administrative Console. Root cause: improper input validation in the administrative console, allowing a remote attacker to inject script via an error message. Affected versions (per IBM/DOC): WAS 6.1.0.46 and e...

4.3CVSS7.3AI score0.01812EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder