
9863 matches found

CVE
added 2012/10/16 11:0 p.m. | 77 views

CVE-2012-3155

The CVE-2012-3155 entry concerns an unspecified DoS vulnerability in the CORBA ORB subcomponent affecting Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1/3.1.2, and Sun Java System Application Server 8.1/8.2. The flaw targets the CORBA ORB component and is described as allowi...

CVSS 5 | AI score 6.3 | EPSS 0.02531
Exploits 0 | References 4 | Affected Software 2
Cvelist
added 2012/10/16 11:0 p.m. | 32 views

CVE-2012-0518

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175...

AI score 5.7 | EPSS 0.04664
Exploits 0 | References 2
Cvelist
added 2012/10/16 11:0 p.m. | 32 views

CVE-2012-3155

Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB...

AI score 6.2 | EPSS 0.02531
Exploits 0 | References 4
Symantec
added 2012/10/09 12:0 a.m. | 11 views

Microsoft Windows Kernel 'Win32k.sys' Integer Overflow Privilege Escalation Vulnerability

Description: Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Technologies Affected: Avaya CallPilot 4.0.1, Avaya CallPilot 5.0, Avaya CallPilot 5.0.1, Avaya Communication Server 10...

AI score 0.7
Exploits 0 | Affected Software 12
Packet Storm
added 2012/10/04 12:0 a.m. | 29 views

Oracle Identity Management 10g Cross Site Scripting

Oracle Identity Management 10g username XSS POST Injection Vulnerability form name="XSS" method="P...

Exploits 0
Tenable Nessus
added 2012/10/03 12:0 a.m. | 51 views

IBM WebSphere Application Server 7.0 < Fix Pack 25 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 before Fix Pack 25 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities: - Several errors exist related to SSL/TLS that can allow an attacker to carry out denial of service attacks against the...

CVSS 6.8 | AI score 8.1 | EPSS 0.0388
Exploits 3 | References 20
Tenable Nessus
added 2012/10/02 12:0 a.m. | 51 views

IBM WebSphere Application Server 6.1 < Fix Pack 45 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 45 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities: - An error exists related to 'Application Snoop Servlet' and missing access controls. This error can allow sensitive information...

CVSS 6.8 | AI score 8 | EPSS 0.0388
Exploits 4 | References 21
seebug.org
added 2012/09/27 12:0 a.m. | 26 views

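IBM WebSphere Application Server for z/OS CBIND Check Bypass Vulnerability

CVE ID: CVE-2012-3311 IBM WebSphere Application Server (WAS) is an application server developed and released by IBM in accordance with open standards. IBM WebSphere Application Server for z/OS versions 8.5, 8.0-8.0.0.4, 7.0-7.0.0.23, and 6.1.0-6.1.0.43 contain an error when performing CBIND checks; successful exploitation can bypass certain security restrictions and allow unauthorized access to or modification of application data. 0 IBM Websphere Application Server 8.5.x IBM Websphere Application Server 8.0.x IB...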

CVSS 3.3 | AI score 9 | EPSS 0.00357
Exploits 1
NVD
added 2012/09/25 8:55 p.m. | 20 views

CVE-2012-3306

IBM WebSphere Application Server WAS 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack vectors...

CVSS 6.8 | AI score 6.6 | EPSS 0.01613
Exploits 0 | References 3
Prion
added 2012/09/25 8:55 p.m. | 19 views

Directory traversal

Directory traversal vulnerability in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file...

CVSS 6.4 | AI score 6.8 | EPSS 0.02898
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2012/09/25 8:0 p.m. | 25 views

CVE-2012-3305

Directory traversal vulnerability in IBM WebSphere Application Server WAS 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file...

AI score 6.2 | EPSS 0.02898
Exploits 0 | References 3
Cvelist
added 2012/09/25 8:0 p.m. | 23 views

CVE-2012-3304

The Administrative Console in IBM WebSphere Application Server WAS 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors...

AI score 6.2 | EPSS 0.02066
Exploits 0 | References 4
CVE
added 2012/09/25 8:0 p.m. | 74 views

CVE-2012-3311

Summary of the IBM WebSphere Application Server (WAS) vulnerabilities (CVE-2012-2159 to CVE-2012-4853) and fixes: WAS versions 6.1, 7.0, 8.0, and 8.5 (including Liberty profile) are affected by multiple issues across the Administrative Console, IIOP/CBIND handling on z/OS, proxy server requests, ...

CVSS 3.3 | AI score 8.2 | EPSS 0.00357
Exploits 1 | References 4 | Affected Software 1
CVE
added 2012/09/25 8:0 p.m. | 76 views

CVE-2012-3305

CVE-2012-3305 in IBM WebSphere Application Server is a directory traversal vulnerability present in WAS versions 6.1 (up to 6.1.0.47), 7.0 (up to 7.0.0.25), 8.0 (up to 8.0.0.5), and 8.5 (up to 8.5.0.1). An attacker could remotely overwrite files outside the deployment directory via a crafted appl...

CVSS 6.4 | AI score 8.9 | EPSS 0.02898
Exploits 0 | References 3 | Affected Software 1
CVE
added 2012/09/25 8:0 p.m. | 64 views

CVE-2012-3306

Summary (CVE-2012-3306 family in IBM WebSphere Application Server): Multiple IBM WebSphere bulletins and NASL/OSS feeds reference CVEs affecting WebSphere Application Server components across versions 6.1, 7.0, 8.x (notably 8.5.x) and IBM HTTP Server, with the core issues including: CVE-2012-330...

CVSS 6.8 | AI score 9.4 | EPSS 0.01613
Exploits 0 | References 3 | Affected Software 1
seebug.org
added 2012/09/09 12:0 a.m. | 24 views

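IBM WebSphere Application Server Cross-Site Scripting and Security Restriction Bypass Vulnerability

BUGTRAQ ID: 51559 CVE ID: CVE-2011-5065 IBM WebSphere Application Server (WAS) is an application server developed and released by IBM in accordance with open standards. An XSS vulnerability exists in IBM WebSphere Application Server WAS Web Services Feature Pack versions before 6.1.0.41, which allows remote attackers to inject arbitrary web script or HTML. 0 IBM Websphere Application Server 6.1.x Vendor patch: IBM --- IBM has released a security bulletin (72336) and corresponding patches for this issue:...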

CVSS 4.3 | AI score 6.3 | EPSS 0.01929
Exploits 1
seebug.org
added 2012/09/04 12:0 a.m. | 43 views

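IBM WebSphere Application Server Administrator Access Security Bypass Vulnerability

BUGTRAQ ID: 55309 CVE ID: CVE-2012-3325 IBM WebSphere Application Server (WAS) is an application server developed and released by IBM in accordance with open standards. IBM WebSphere Application Server 6.1.0.43, 7.0.0.21-7.0.0.23, 8.0.0.2-8.0.0.4, and 8.5.0.0 contain an error when validating user credentials, which can be exploited to access applications as an administrator. Successful exploitation requires that the interim fix for PM44303, or a fix pack containing PM44303, has been applied. 0 IBM Websphere Application Server 8.0.0.4 IB...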

CVSS 6 | AI score 9 | EPSS 0.01819
Exploits 1
NVD
added 2012/08/30 10:55 p.m. | 15 views

CVE-2012-3325

IBM WebSphere Application Server WAS 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via...

CVSS 6 | AI score 5.8 | EPSS 0.01819
Exploits 1 | References 7
Cvelist
added 2012/08/30 10:0 p.m. | 21 views

CVE-2012-3325

IBM WebSphere Application Server WAS 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via...

AI score 5.8 | EPSS 0.01819
Exploits 1 | References 7
CVE
added 2012/08/30 10:0 p.m. | 75 views

CVE-2012-3325

CVE-2012-3325 affects IBM WebSphere Application Server (WAS): vulnerable versions include WAS 6.1.x (<6.1.0.45), 7.0.x (<7.0.0.25), 8.0.x (<8.0.0.5), and 8.5.x Full Profile (

CVSS 6 | AI score 8.5 | EPSS 0.01819
Exploits 1 | References 7 | Affected Software 1