73 matches found
CVE-2017-7677
In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table...
Apple Safari Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and address the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite...
CVE-2015-3659
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cau...
CVE-2015-3659
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cau...
Apple iOS Webkit SQLite authorizer arbitrary SQL function call vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. An insufficient comparison vulnerability in the Apple iOS Webkit SQLite authorizer allows remote attackers to construct a malicious WEB page that can be called with arbitrary SQL functions by tricking the...
UBUNTU-CVE-2015-3659
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cau...
CVE-2010-0005
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query...
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
Code injection
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
CVE-2010-0004
Removed by vendor...
CVE-2010-0004
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view...
ViewVC Versions Prior to 1.1.3 Multiple Remote Vulnerabilities
ViewVC is prone to these security vulnerabilities: - A security vulnerability that involves root listing of per-root authorization configuration. - A security vulnerability in 'query.py' involving the 'forbidden' authorizer or none. Versions prior to ViewVC 1.1.3 are vulnerable. OpenVAS...