9863 matches found

CVE
added 2011/10/30 10:0 a.m. | 58 views

CVE-2009-2747

CVE-2009-2747 affects IBM WebSphere Application Server’s JNDI implementation. The root cause is improper access control on UserRegistry object methods, allowing remote attackers to disclose sensitive information via a crafted method call. Affected versions are WAS 6.0 prior to 6.0.2.39, 6.1 prior...

5 CVSS | 5.8 AI score | 0.01931 EPSS
Exploits 1 | References 3 | Affected Software 1
Prion
added 2011/10/29 10:55 a.m. | 16 views

Code injection

The JavaServer Faces (JSF) application functionality in IBM WebSphere Application Server 8.x before 8.0.0.1 does not properly handle requests, which allows remote attackers to read unspecified files via unknown vectors...

5 CVSS | 6.8 AI score | 0.01931 EPSS
Exploits 1 | References 3 | Affected Software 1
CVE
added 2011/10/29 10:0 a.m. | 60 views

CVE-2011-1368

Summary: CVE-2011-1368 affects IBM WebSphere Application Server 8.x prior to 8.0.0.1, where the JSF request handling could allow remote attackers to read unspecified files via unknown vectors (information disclosure). What’s affected: IBM WebSphere Application Server 8.x with the JSF component be...

5 CVSS | 6.4 AI score | 0.01931 EPSS
Exploits 1 | References 3 | Affected Software 1
NVD
added 2011/10/28 2:49 a.m. | 15 views

CVE-2011-1360

Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unspecified documentation files in (1) manual/ibm/ and (2)...

4.3 CVSS | 5.6 AI score | 0.01674 EPSS
Exploits 0 | References 4
CVE
added 2011/10/28 1:0 a.m. | 71 views

CVE-2011-1360

CVE-2011-1360 covers multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier. The issue arises from untrusted input in documentation-related paths (manual/ibm/ and htdocs/*/manual/ibm/), enabling an attacker to inject arbitrary script/HTML. Products using IBM HTT...

4.3 CVSS | 5.7 AI score | 0.01674 EPSS
Exploits 0 | References 4 | Affected Software 1
Cvelist
added 2011/10/28 1:0 a.m. | 22 views

CVE-2011-1360

Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unspecified documentation files in (1) manual/ibm/ and (2)...

5.6 AI score | 0.01674 EPSS
Exploits 0 | References 4
ThreatPost
added 2011/10/21 11:50 a.m. | 102 views

JBoss Worm Exploiting Old Bug to Infect Unpatched Servers

There is a new worm circulating right now that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm also attempts to install a remote access tool in order to give the attacker control over the newly infected server. The worm has...

5 CVSS | 0.5 AI score | 0.79415 EPSS
Exploits 28 | References 5
Zero Day Initiative
added 2011/10/18 12:0 a.m. | 22 views

Cisco Unified Service Monitor brstart sm_read_string_length Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server. Authentication is not required to exploit this vulnerability. The flaw exists within the brstart.exe service which listen...

10 CVSS | 4.6 AI score | 0.10963 EPSS
Exploits 0 | References 2
Symantec
added 2011/10/18 12:0 a.m. | 125 views

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description: Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

10 CVSS | 0.8 AI score | 0.96714 EPSS
Exploits 24 | References 3 | Affected Software 67
Symantec
added 2011/10/11 12:0 a.m. | 44 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-2011) Local Privilege Escalation Vulnerability

Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2 CVSS | 0.2 AI score | 0.01787 EPSS
Exploits 1 | Affected Software 20
Symantec
added 2011/10/11 12:0 a.m. | 16 views

Microsoft Windows Kernel 'Win32k.sys' TrueType Font File Remote Denial of Service Vulnerability

Description: Microsoft Windows is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected: Avaya Aura Conferencing 6.0 Standard, Avaya CallPilot 4.0, Avaya CallPilot 5.0, Avaya...

0.1 AI score
Exploits 0 | Affected Software 14
Symantec
added 2011/10/11 12:0 a.m. | 34 views

Microsoft Internet Explorer 'Jscript9.dll' CVE-2011-1998 Memory Corruption Vulnerability

Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected: Avaya Aur...

9.3 CVSS | 0.21228 EPSS
Exploits 1 | Affected Software 6
Symantec
added 2011/10/11 12:0 a.m. | 32 views

Microsoft Internet Explorer Select Element CVE-2011-1999 Memory Corruption Vulnerability

Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected: Avaya Aur...

9.3 CVSS | 7 AI score | 0.27959 EPSS
Exploits 2 | References 3 | Affected Software 6
Symantec
added 2011/10/11 12:0 a.m. | 32 views

Microsoft Internet Explorer Virtual Function Table CVE-2011-2001 Memory Corruption Vulnerability

Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected: Avaya Aur...

9.3 CVSS | 7 AI score | 0.43125 EPSS
Exploits 1 | Affected Software 6
Exploit DB
added 2011/10/11 12:0 a.m. | 32 views

JBoss AS 2.0 - Remote Command Execution

THE FULL DAYTONA PACKAGE -- BY KINGCOPE, YEAR 2011 THREE JBOSS APPLICATION SERVER REMOTE EXPLOITS WITH AUTHEN BYPASS PORTED FROM METASPLOIT AND BEEFED UP WITH TWO SCANNERS: PNSCAN W/ SSL SUPPORT SYNSCAN MODDED FILES: daytonabsh.pl, daytonadeployfile.pl, daytonamaindeploy.pl THE REMOTE EXPLOITS,...

7.4 AI score
Exploits 0
Symantec
added 2011/10/11 12:0 a.m. | 37 views

Microsoft Windows AFD Driver CVE-2011-2005 Local Privilege Escalation Vulnerability

Description: Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2 CVSS | 7.8 AI score | 0.31761 EPSS
Exploits 12 | Affected Software 5
Symantec
added 2011/10/11 12:0 a.m. | 29 views

Microsoft Internet Explorer 'SwapNode()' CVE-2011-2000 Memory Corruption Vulnerability

Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected: Avaya Aur...

9.3 CVSS | 7 AI score | 0.18886 EPSS
Exploits 1 | References 1 | Affected Software 6
Symantec
added 2011/10/11 12:0 a.m. | 14 views

Microsoft Silverlight & .NET Framework Inheritance Restriction Remote Code Execution Vulnerability

Description: Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

0.5 AI score
Exploits 0 | Affected Software 6
OpenVAS
added 2011/09/28 12:0 a.m. | 18 views

IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability

IBM WebSphere Application Server is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user and gain access to the affected application; other attacks are also possible. IBM WebSphere...

Exploits 0 | References 4
OpenVAS
added 2011/09/28 12:0 a.m. | 10 views

IBM WebSphere Application Server < 8.0.0.1 CSRF Vulnerability

IBM WebSphere Application Server is prone to a cross-site request forgery (CSRF) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

7.3 AI score
Exploits 0 | References 3