CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1155 matches found

OpenVAS•added 2011/12/07 12:0 a.m.•22 views

Oracle Application Server < 1.3.1.27 Unspecified Vulnerability (cpujan2008)

Oracle Application Server AS is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS5.9AI score0.02696EPSS

Exploits0References3

IBM AIX•added 2011/11/22 3:0 p.m.•55 views

Perl Digest Module Digest->new() Code Injection

7.5CVSS1.7AI score0.13526EPSS

Exploits0

Tenable Nessus•added 2011/11/16 12:0 a.m.•97 views

Oracle Database Multiple Vulnerabilities (January 2006 CPU)

The remote Oracle database server is missing the January 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...

10CVSS5.4AI score0.0965EPSS

Exploits9References29

OpenVAS•added 2011/11/03 12:0 a.m.•26 views

phpLDAPadmin '_debug' Cross Site Scripting Vulnerability

This host is running phpLDAPadmin and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbphpldapadmindebugxssvuln.nasl 5793 2017-03-30 13:40:15Z cfi $ phpLDAPadmin 'debug' Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone...

4.3CVSS5.8AI score0.04459EPSS

Exploits1References4

Prion•added 2011/10/07 2:51 a.m.•10 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, as demonstrated by a crafted nickname field to vserver/apply...

6.8CVSS6.4AI score0.01398EPSS

Exploits1References10Affected Software1

OpenVAS•added 2011/08/29 12:0 a.m.•25 views

Adobe Photoshop '.GIF' File Processing Memory Corruption Vulnerability

This host is installed with Adobe Photoshop and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodadobephotoshopgifmemcorruptionvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Adobe Photoshop '.GIF' File Processing Memory Corruption Vulnerability Authors: Rachana...

9.3CVSS1.2AI score0.23244EPSS

Exploits3References3

Japan Vulnerability Notes•added 2011/08/26 8:14 a.m.•2 views

Samba Web Administration Tool vulnerable to cross-site scripting

Overview Samba Web Administration Tool contains a cross-site scripting vulnerability. Samba Web Administration Tool SWAT allows for Samba configuration through a web interface. SWAT contains a cross-site scripting vulnerability. SWAT is disabled in a default configuration of Samba. nobuhiro tsuji...

2.6CVSS6AI score0.06293EPSS

Exploits0References21

OpenVAS•added 2011/07/07 12:0 a.m.•20 views

Google Chrome WebGL Texture Information Disclosure Vulnerability (Windows)

This host is installed with Google Chrome and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromewebgltextureinfodiscvulnwin.nasl 7015 2017-08-28 11:51:24Z teissa $ Google Chrome WebGL Texture Information Disclosure Vulnerability Windows Authors: Shash...

4.3CVSS6.2AI score0.00805EPSS

Exploits1References1

CISA•added 2011/06/14 12:0 a.m.•9 views

Microsoft Releases June Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .NET framework, Microsoft Silverlight, Microsoft Forefront Threat Management Gateway, and Internet Explorer as part of the Microsoft Security...

7.9AI score

Exploits0References2

OpenVAS•added 2011/06/07 12:0 a.m.•28 views

Python CGIHTTPServer Module Information Disclosure Vulnerability

This host is installed with Python and is prone to Information Disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbpythoncgiinfodiscvulnwin.nasl 8160 2017-12-18 15:33:57Z cfischer $ Python CGIHTTPServer Module Information Disclosure Vulnerability Authors: Madhuri D Copyright: Copyright c...

5CVSS7.5AI score0.03924EPSS

Exploits1References3

CISA•added 2011/04/29 12:0 a.m.•13 views

Mozilla Releases Firefox updates

Mozilla has released Firefox 4.0.1, 3.6.17, and 3.5.19 to address multiple vulnerabilities. The impact of these vulnerabilities includes arbitrary code execution, privilege escalation, directory traversal, and information disclosure. US-CERT encourages users and administrators to review the Mozil...

7.6AI score

Exploits0References1

Oracle•added 2011/04/19 12:0 a.m.•16 views

Oracle Critical Patch Update - April 2011

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should b...

10CVSS9.8AI score0.87264EPSS

Exploits40

Japan Vulnerability Notes•added 2011/04/08 5:9 a.m.•1 views

Password Vault Web Access vulnerable to cross-site scripting

Overview Password Vault Web Access PVWA provided by Cyber-Ark Software, Ltd. contains a cross-site scripting vulnerability. Password Vault Web Access PVWA is a module in the Privileged Identity Management Suite that allows access via a web portal. PVWA contains a cross-site scripting vulnerabilit...

4.3CVSS5.9AI score0.01053EPSS

Exploits0References5

OpenVAS•added 2011/02/01 12:0 a.m.•24 views

Oracle Java Access Manager And OpenSSO Unspecified Vulnerability

The host is running Access Manager or OpenSSO and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: secpodoraclesamnopenssounspecifiedvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Oracle Java Access Manager and OpenSSO Unspecified Vulnerability Authors: Antu Sanadi Copyright:...

6.8CVSS0.7AI score0.0227EPSS

Exploits0References3

Tenable Nessus•added 2011/01/27 12:0 a.m.•34 views

SuSE 10 Security Update : novell-ipsec (ZYPP Patch Number 5888)

Remote attackers could exploit memory leaks in the 'racoon' daemon to crash it. CVE-2008-3651 / CVE-2008-3652 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.8CVSS5.3AI score0.03435EPSS

Exploits1References4

CISA•added 2010/12/13 12:0 a.m.•11 views

RealNetworks Releases Security Update for RealPlayer

RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the RealNetworks notice released on December 10, 2010 and appl...

7.8AI score

Exploits0References1

Prion•added 2010/11/06 12:0 a.m.•15 views

Code injection

Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a craft...

6.8CVSS7.8AI score0.02516EPSS

Exploits1References14Affected Software3

Cvelist•added 2010/11/05 10:0 p.m.•20 views

CVE-2010-4206

9.1AI score0.02516EPSS

Exploits1References14

CVE•added 2010/11/05 10:0 p.m.•77 views

CVE-2010-4206

CVE-2010-4206 is a WebKit/WebKitGTK+ vulnerability described across multiple advisories as an array index error in FEBlend::apply (WebCore/graphics/filters/FEBlend.cpp). This defect was present in WebKit builds used by Google Chrome prior to 7.0.517.44 and webkitgtk before 1.2.6, among other prod...

8.8CVSS9AI score0.02516EPSS

Exploits1References14Affected Software1