Lucene search
K

9859 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/03/04 12:0 a.m.43 views

JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact A remote attacker may cause a denial-of-service DoS. Solution Apply a patch Apply the appropriate patch according to the information provided by the developer...

5CVSS9.1AI score0.2349EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/02/23 12:0 a.m.21 views

IBM WebSphere Application Server 6.1.0.9 Security Bypass Vulnerability

IBM WebSphere Application Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

4.3CVSS6.4AI score0.00971EPSS
Exploits0References1
Saint
Saint
added 2011/02/22 12:0 a.m.90 views

HP Universal CMDB Server Axis2 default password

Added: 02/22/2011 CVE: CVE-2010-0219 BID: 45625 OSVDB: 70233 Background HP Universal CMDB Server 9.0 is a modular management system that consists of a rich business-service-oriented data model with built-in discovery of configuration items CIs and configuration item dependencies, visualization an...

10CVSS9.2AI score0.89871EPSS
Exploits17
NVD
NVD
added 2011/02/15 1:0 a.m.20 views

CVE-2008-7274

IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...

4.3CVSS6.5AI score0.00971EPSS
Exploits0References1
NVD
NVD
added 2011/02/15 1:0 a.m.10 views

CVE-2011-1032

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors...

6.8CVSS6.4AI score0.01442EPSS
Exploits0References5
Prion
Prion
added 2011/02/15 1:0 a.m.23 views

Default credentials

IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...

4.3CVSS6.7AI score0.00971EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2011/02/15 1:0 a.m.11 views

Code injection

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors...

6.8CVSS7AI score0.01442EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/02/14 11:0 p.m.18 views

CVE-2011-1032

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors...

6.4AI score0.01442EPSS
Exploits0References5
Cvelist
Cvelist
added 2011/02/14 11:0 p.m.25 views

CVE-2008-7274

IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...

6.4AI score0.00971EPSS
Exploits0References1
CVE
CVE
added 2011/02/14 11:0 p.m.49 views

CVE-2011-1032

CVE-2011-1032 affects IBM Lotus Connections 3.0 when used with IBM WebSphere Application Server 7.0.0.11. The vulnerability is that access to the internal login module is not properly restricted. The description provides the affected product/version and the component involved (internal login modu...

6.8CVSS6.6AI score0.01442EPSS
Exploits0References5Affected Software1
Symantec
Symantec
added 2011/02/08 12:0 a.m.13 views

Microsoft Windows Kerberos Unkeyed Checksum Local Privilege Escalation Vulnerability

Description The Microsoft Windows implementation of Kerberos is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting these issues will result in the complete compromise of affect...

7.8AI score
Exploits0Affected Software7
Symantec
Symantec
added 2011/02/08 12:0 a.m.18 views

Microsoft Windows OpenType Compact Font Format Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Compact Font Format CFF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attemp...

7.9AI score
Exploits0References1Affected Software13
Symantec
Symantec
added 2011/02/08 12:0 a.m.22 views

Microsoft Windows Kernel Integer Truncation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a...

7.9AI score
Exploits0References1Affected Software6
Symantec
Symantec
added 2011/02/08 12:0 a.m.30 views

Microsoft Windows Kerberos Encryption Standard Spoofing Vulnerability

Description The Microsoft Windows implementation of Kerberos is prone to a security vulnerability that may allow attackers to downgrade the cipher suite. Successful exploits may allow attackers to change the default encryption standard to DES. This may allow attackers to read and forge all Kerber...

7.2AI score
Exploits0Affected Software7
Symantec
Symantec
added 2011/02/08 12:0 a.m.35 views

Microsoft Internet Explorer CVE-2011-0035 Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS7AI score0.19535EPSS
Exploits0Affected Software6
Symantec
Symantec
added 2011/02/08 12:0 a.m.18 views

Microsoft Internet Explorer 'mshtml.dll' Dangling Pointer Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
added 2011/02/08 12:0 a.m.27 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0088) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS7AI score0.01831EPSS
Exploits0Affected Software15
NVD
NVD
added 2011/02/01 6:0 p.m.14 views

CVE-2011-0732

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal TIP 1.1.1.1, as used in IBM Tivoli Common Reporting TCR 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal...

10CVSS6.6AI score0.01572EPSS
Exploits0References2
Prion
Prion
added 2011/02/01 6:0 p.m.15 views

Security feature bypass

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal TIP 1.1.1.1, as used in IBM Tivoli Common Reporting TCR 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal...

10CVSS7.1AI score0.01572EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2011/02/01 5:0 p.m.17 views

CVE-2011-0732

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal TIP 1.1.1.1, as used in IBM Tivoli Common Reporting TCR 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal...

6.6AI score0.01572EPSS
Exploits0References2
Rows per page
Query Builder