9859 matches found
JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
IBM WebSphere Application Server contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE). Impact: A remote attacker may cause a denial-of-service (DoS). Solution: Apply a patch. Apply the appropriate patch according to the information provided by the developer...
IBM WebSphere Application Server 6.1.0.9 Security Bypass Vulnerability
IBM WebSphere Application Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
HP Universal CMDB Server Axis2 default password
Added: 02/22/2011. CVE: CVE-2010-0219. BID: 45625. OSVDB: 70233. Background: HP Universal CMDB Server 9.0 is a modular management system that consists of a rich business-service-oriented data model with built-in discovery of configuration items (CIs) and configuration item dependencies, visualization an...
CVE-2008-7274
IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password...
CVE-2011-1032
IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors...
Default credentials
IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password...
Code injection
IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors...
CVE-2011-1032
CVE-2011-1032 affects IBM Lotus Connections 3.0 when used with IBM WebSphere Application Server 7.0.0.11. The vulnerability is that access to the internal login module is not properly restricted. The description provides the affected product/version and the component involved (internal login modu...
Microsoft Windows Kerberos Unkeyed Checksum Local Privilege Escalation Vulnerability
Description: The Microsoft Windows implementation of Kerberos is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting these issues will result in the complete compromise of affect...
Microsoft Windows OpenType Compact Font Format Remote Code Execution Vulnerability
Description: Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Compact Font Format (CFF) driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attemp...
Microsoft Windows Kernel Integer Truncation Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a...
Microsoft Windows Kerberos Encryption Standard Spoofing Vulnerability
Description: The Microsoft Windows implementation of Kerberos is prone to a security vulnerability that may allow attackers to downgrade the cipher suite. Successful exploits may allow attackers to change the default encryption standard to DES. This may allow attackers to read and forge all Kerber...
Microsoft Internet Explorer CVE-2011-0035 Uninitialized Memory Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected: Avaya Aura...
Microsoft Internet Explorer 'mshtml.dll' Dangling Pointer Vulnerability
Description: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected: Avaya Aura...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0088) Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
CVE-2011-0732
Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal...
Security feature bypass
Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal...