
9863 matches found

Symantec | added 2011/06/14 12:0 a.m. | 28 views

Microsoft Internet Explorer Link Properties Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

7.8 AI score | Exploits: 0 | Affected Software: 6

Symantec | added 2011/06/14 12:0 a.m. | 16 views

Microsoft Internet Explorer DOM Editing Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

7.8 AI score | Exploits: 0 | Affected Software: 6

Symantec | added 2011/06/14 12:0 a.m. | 21 views

Microsoft Windows Server Message Block Client Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Microsoft Server Message Block SMB client. An attacker can exploit this issue by sending a specially crafted SMB response to the affected application. Successfully exploiting this issue allows a...

0.1 AI score | Exploits: 0 | Affected Software: 8

Packet Storm | added 2011/06/14 12:0 a.m. | 137 views

Oracle HTTP Server Header Cross Site Scripting

Oracle HTTP Server XSS Header Injection. Attack Pattern ID: CAPEC-86, CWE ID: CI-79...

4.3 CVSS | 0.94281 EPSS | Exploits: 7

Symantec | added 2011/06/14 12:0 a.m. | 19 views

Microsoft Windows 'win32k.sys' OpenType Font Parsing Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in the kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya...

8 AI score | Exploits: 0 | Affected Software: 7

Symantec | added 2011/06/14 12:0 a.m. | 48 views

Microsoft Internet Explorer VML Memory Corruption CVE-2011-1266 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits may allow attackers to execute arbitrary code with...

9.3 CVSS | 7.1 AI score | 0.17977 EPSS | Exploits: 1 | Affected Software: 6

Exploit DB | added 2011/06/13 12:0 a.m. | 227 views

Oracle HTTP Server - Cross-Site Scripting Header Injection

Oracle HTTP Server XSS Header Injection. Attack Pattern ID: CAPEC-86, CWE ID: CI-79...

4.3 CVSS | 7 AI score | 0.94281 EPSS | Exploits: 7

0day.today | added 2011/06/12 12:0 a.m. | 111 views

Oracle HTTP Server XSS Header Injection

Exploit for multiple platform in category web applications Attack Pattern ID : CAPEC-86 CWE ID : CI-79 OWASP IDs : A1-Injections, A2-Cross Site Scripting XSS CVE ID : not yet Related CVEs : CVE-2006-3918, CVE-2007-0275 A.K.A : Unfiltered Header Injection Product Type : Application Vendor : Oracle...

7.1 AI score | 0.94281 EPSS | Exploits: 7

OpenVAS | added 2011/05/23 12:0 a.m. | 31 views

IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability

The host is running IBM WebSphere Application Server and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbibmwasxmlencryptioninfodisclosurevuln.nasl 7006 2017-08-25 11:51:20Z teissa $ IBM WebSphere Application Server WS-Security XML Encryption Weakness...

4.3 CVSS | 6.1 AI score | 0.00671 EPSS | Exploits: 0 | References: 3

OpenVAS | added 2011/05/23 12:0 a.m. | 21 views

IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability (May 2011)

IBM WebSphere Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3 CVSS | 6.2 AI score | 0.00671 EPSS | Exploits: 0 | References: 5

Prion | added 2011/05/05 2:39 a.m. | 17 views

Hardcoded credentials

The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port...

5 CVSS | 6.8 AI score | 0.01064 EPSS | Exploits: 1 | References: 2 | Affected Software: 1

Prion | added 2011/05/04 10:55 p.m. | 18 views

Design/Logic Flaw

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption...

4.3 CVSS | 6.9 AI score | 0.00671 EPSS | Exploits: 0 | References: 3 | Affected Software: 1

Cvelist | added 2011/05/04 10:0 p.m. | 24 views

CVE-2011-1209

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption...

6.2 AI score | 0.00671 EPSS | Exploits: 0 | References: 3

CVE | added 2011/05/04 10:0 p.m. | 55 views

CVE-2011-1209

CVE-2011-1209 affects IBM WebSphere Application Server: WAS 6.1 before 6.1.0.39 and WAS 7.0 before 7.0.0.17 use a weak WS-Security XML encryption algorithm, enabling a remote decryption attack to obtain plaintext data from JAX-RPC/JAX-WS requests. Exploitation details/vectors are not specified in...

4.3 CVSS | 6.4 AI score | 0.00671 EPSS | Exploits: 0 | References: 3 | Affected Software: 1

securityvulns | added 2011/04/21 12:0 a.m. | 74 views

ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability

ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-137 April 19, 2011 -- CVE ID: CVE-2011-0807 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Applicati...

10 CVSS | 0.8 AI score | 0.60878 EPSS | Exploits: 6

NVD | added 2011/04/20 3:14 a.m. | 24 views

CVE-2011-0807

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration...

10 CVSS | 5.8 AI score | 0.60878 EPSS | Exploits: 6 | References: 2

CVE | added 2011/04/20 3:9 a.m. | 174 views

CVE-2011-0807

CVE-2011-0807 affects Oracle GlassFish Server and Sun Java System Application Server. The connected documents describe an authentication bypass vulnerability that can lead to remote code execution by bypassing authentication and deploying/executing a malicious WAR, particularly on GlassFish 2.x, ...

10 CVSS | 5.9 AI score | 0.60878 EPSS | Exploits: 6 | References: 2 | Affected Software: 2

NVD | added 2011/04/13 2:55 p.m. | 21 views

CVE-2011-1683

IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x before 6.1.0.37, and 7.0.x before 7.0.0.17 on z/OS, when a Local OS user registry or Federated Repository with RACF adapter is used, allows remote attackers to obtain unspecified application access via unknown vectors...

6.8 CVSS | 6.5 AI score | 0.01723 EPSS | Exploits: 0 | References: 9

Prion | added 2011/04/13 2:55 p.m. | 21 views

Design/Logic Flaw

IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x before 6.1.0.37, and 7.0.x before 7.0.0.17 on z/OS, when a Local OS user registry or Federated Repository with RACF adapter is used, allows remote attackers to obtain unspecified application access via unknown vectors...

6.8 CVSS | 7 AI score | 0.01723 EPSS | Exploits: 0 | References: 9 | Affected Software: 1

CVE | added 2011/04/13 2:0 p.m. | 52 views

CVE-2011-1683

CVE-2011-1683 concerns IBM WebSphere Application Server on z/OS when using a Local OS user registry or Federated Repository with a RACF adapter. The vulnerability allows remote attackers to obtain unspecified application access via unknown vectors in WAS 6.0.x (up to 6.0.2.43), 6.1.x (before 6.1....

6.8 CVSS | 6.6 AI score | 0.01723 EPSS | Exploits: 0 | References: 9 | Affected Software: 1