Lucene search
+L

238 matches found

UbuntuCve
UbuntuCve
added 2015/11/24 5:0 p.m.25 views

CVE-2015-8213

The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...

5CVSS7.1AI score0.04284EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.8 views

The vulnerability of the Mac OS X operating system, which allows a hacker to manipulate timestamps

The vulnerability of the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to forge timestamps due to errors in restricting access to the date and time settings panel...

2.1CVSS7.2AI score0.00339EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2015/08/16 11:59 p.m.16 views

Code injection

Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane...

2.1CVSS6.1AI score0.00339EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/08/16 11:0 p.m.76 views

CVE-2015-3757

CVE-2015-3757 affects Apple OS X up to macOS Yosemite, specifically OS X before 10.10.5. The Date & Time preference pane could be accessed locally to spoof system time, enabling a local user to alter time settings via that pane. Connected sources confirm this is addressed by Apple’s OS X 10.10.5 ...

2.1CVSS7.7AI score0.00339EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/08/16 11:0 p.m.20 views

CVE-2015-3757

Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane...

8AI score0.00339EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/07/09 5:1 p.m.5 views

php: use after free vulnerability in unserialize() with DateTimeZone

A use-after-free flaw was found in the unserialize function of PHP's DateTimeZone implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory...

7.5CVSS6.6AI score0.42911EPSS
Exploits9References4
RedHat Linux
RedHat Linux
added 2015/06/04 8:2 a.m.3 views

php: use after free vulnerability in unserialize() with DateTimeZone

A use-after-free flaw was found in the unserialize function of PHP's DateTimeZone implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory...

7.5CVSS6.6AI score0.42911EPSS
Exploits9References4
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information

The vulnerability of the boost-date-time-1.41.0 package of the Red Hat Enterprise Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

5CVSS7.2AI score0.03889EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the CentOS operating system, which allows a malicious attacker to compromise the accessibility of protected information

The vulnerability of the boost-date-time-1.41.0 package on the CentOS operating system can lead to a violation of the accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

5CVSS7.3AI score0.03889EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/03/08 12:0 a.m.17 views

PHP Date Time Object Unserialize Memory Corruption (CVE-2015-0273)

A code execution vulnerability has been reported in PHP. The vulnerability is due to a use-after-free error when handling serialized Date/Time objects within the unserialize function. A remote attacker can exploit the vulnerability by sending crafted serialized data to a web application running a...

7.5CVSS4.7AI score0.42911EPSS
Exploits9
CNVD
CNVD
added 2015/02/26 12:0 a.m.2 views

PHP Memory Error Referencing Remote Code Execution Vulnerability

PHP is a popular web programming language. PHP unserialize handles DateTimeZone with a memory error referencing a remote code execution vulnerability, which allows attackers to exploit the vulnerability to crash the application or execute arbitrary code...

7.5CVSS8.5AI score0.42911EPSS
Exploits9References1
Fedora
Fedora
added 2014/08/21 9:47 a.m.31 views

[SECURITY] Fedora 20 Update: drupal7-date-2.8-1.fc20

This Drupal module contains both a flexible date/time field type and a Date API that other modules can use...

3.5CVSS2AI score0.01417EPSS
Exploits0
Fedora
Fedora
added 2014/08/21 9:42 a.m.28 views

[SECURITY] Fedora 19 Update: drupal7-date-2.8-1.fc19

This Drupal module contains both a flexible date/time field type and a Date API that other modules can use...

3.5CVSS2AI score0.01417EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Novell iPrint Client ActiveX Control Date/Time Buffer Overflow

No description provided by source. $Id: novelliprintdatetime.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.73 views

PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow

No description provided by source. From: Maksymilian Arciemowicz cxib securityreason com Date: Fri, 10 Dec 2010 14:43:32 +0100 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow Author: Maksymilian Arciemowicz http://securityreason.com/...

5CVSS0.18878EPSS
Exploits5
securityvulns
securityvulns
added 2014/05/02 12:0 a.m.62 views

Ubuntu Date and Time Indicator privilege escalation

It's possible to run applications as greeter user...

4.6CVSS3AI score0.00378EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.24 views

RedHat Update for postgresql RHSA-2014:0249-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.3AI score0.06666EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2013/12/03 12:0 a.m.39 views

SuSE 11.2 Security Update : OpenJDK 1.6 (SAT Patch Number 8598)

OpenJDK 1.6 was updated to the new Icedtea release 1.12.7, which includes many fixes for bugs and security issues : - S8006900, CVE-2013-3829: Add new date/time capability - S8008589: Better MBean permission validation - S8011071, CVE-2013-5780: Better crypto provider handling - S8011081,...

10CVSS7AI score0.24738EPSS
Exploits0References55
Metasploit
Metasploit
added 2013/08/26 7:52 p.m.58 views

Mac OS X Sudo Password Bypass

This module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges the user is in the sudoers file and is in the...

6.9CVSS6.5AI score0.03176EPSS
Exploits8
Kitploit
Kitploit
added 2013/04/29 11:6 p.m.25 views

[File Time Changer] Command-line Tool to quickly change the Date/Time stamp of the file

File Time Changer is the Free Command-line tool to quickly change the Date/Time stamp of the file. It also allows you to view the current date/time of the file before modifying it. You can view or modify all the 3 types of timestamp for the file, Creation Time Last Access Time Last Modified Time...

7.2AI score
Exploits0
Rows per page
Query Builder