Lucene search
K

5610 matches found

OSV
OSV
added 2016/02/14 2:59 a.m.4 views

CVE-2016-1623

The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp,...

8.8CVSS7.3AI score
Exploits0References11
CNVD
CNVD
added 2016/02/11 12:0 a.m.2 views

Adobe Flash Player & Compiler Memory Misreference Vulnerability (CNVD-2016-01026)

Adobe Flash Player& Compiler is an integrated multimedia player from the American company Audobee Adobe, short and compact, able to be used on a variety of browsers, operating systems and mobile devices. A memory misreference vulnerability exists in Adobe Flash Player& Compiler, which could be...

9.3CVSS7.6AI score0.05499EPSS
Exploits0References1
OSV
OSV
added 2016/02/10 8:59 p.m.3 views

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before...

8.8CVSS6.1AI score0.05499EPSS
Exploits0References9
OSV
OSV
added 2016/02/10 8:59 p.m.2 views

UBUNTU-CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before...

8.8CVSS7.6AI score0.05499EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/02/08 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2016-0049)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02709EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.35 views

Debian DLA-401-1 : imlib2 security update

CVE-2014-9762 GIF loader: Fix segv on images without colormap CVE-2014-9763 Prevent division-by-zero crashes CVE-2014-9764 Fix segfault when opening input/queue/id:000007,src:000000,op:flip1,pos:51 with feh NOTE: Tenable Network Security has extracted the preceding description block directly from...

7.5CVSS7.4AI score0.02709EPSS
Exploits0References5
Debian
Debian
added 2016/01/24 12:32 p.m.24 views

[SECURITY] [DLA 401-1] imlib2 security update

Package : imlib2 Version : 1.4.2-8+deb6u1 CVE ID : CVE-2014-9762 CVE-2014-9763 CVE-2014-9764 CVE-2014-9762 GIF loader: Fix segv on images without colormap CVE-2014-9763 Prevent division-by-zero crashes CVE-2014-9764 Fix segfault when opening input/queue/id:000007,src:000000,op:flip1,pos:51 with f...

7.5CVSS7.7AI score0.02709EPSS
Exploits0
OSV
OSV
added 2016/01/24 12:0 a.m.21 views

DLA-401-1 imlib2 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.02709EPSS
Exploits0
CNVD
CNVD
added 2016/01/23 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Loader Service Component

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified security vulnerability in the Enterprise Manager Base Platform Loader Service component of Oracle Enterprise Manager Grid Control allows remote attackers to exploit the vulnerability to...

6.5CVSS6.8AI score0.01557EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2016/01/21 6:6 a.m.11 views

optek.net XSS vulnerability

Vulnerable URL: http://www.optek.net/Flash/FlashHTML/3Dloader.php?moviename=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / N...

6.3AI score
Exploits0
OSV
OSV
added 2016/01/21 2:59 a.m.2 views

CVE-2016-0442

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service...

5.8AI score0.01557EPSS
Exploits0References2
NVD
NVD
added 2016/01/21 2:59 a.m.22 views

CVE-2016-0442

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service...

6.5CVSS5.5AI score0.01557EPSS
Exploits0References2
Prion
Prion
added 2016/01/21 2:59 a.m.17 views

Code injection

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service...

6.5CVSS5.9AI score0.01557EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/01/21 2:0 a.m.51 views

CVE-2016-0442

CVE-2016-0442 affects Oracle Enterprise Manager Grid Control’s Enterprise Manager Base Platform Loader Service in 12.1.0.4 and 12.1.0.5. The vulnerability enables remote authenticated users to impact confidentiality, integrity, and availability via unknown vectors related to the Loader Service. P...

6.5CVSS5.6AI score0.01557EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/21 12:0 a.m.52 views

Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (January 2016 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple unspecified vulnerabilities in the following subcomponents of the Enterprise Manager Base Platform component : - Agent Next Gen - Discovery Framework - Loader Service - UI Framework Note th...

6.8CVSS6.6AI score0.61798EPSS
Exploits6References14
BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.3 views

The vulnerability of the Mac OS X operating system, which allows a hacker to increase their privileges

The vulnerability of the kernel loader in the EFI component of the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created path name...

7.2CVSS7.2AI score0.00354EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/01/04 12:0 a.m.2 views

IBM WebSphere Process Server and Business Process Manager Advanced Incorrect SSL/TLS Handling Vulnerability

IBM WebSphere Process Server and Business Process Manager BPM Advanced are both products of IBM Corporation, U.S.A. IBM WebSphere Process Server is a set of business process automation engines; BPM is a comprehensive business process management platform. BPM Advanced is an advanced version. A...

6.8CVSS6.6AI score0.01392EPSS
Exploits0References1
Prion
Prion
added 2016/01/01 12:59 a.m.17 views

Design/Logic Flaw

Remote Artifact Loader RAL in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticate...

4.9CVSS6.2AI score0.01392EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2016/01/01 12:59 a.m.14 views

CVE-2015-7441

Remote Artifact Loader RAL in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticate...

6.8CVSS6.2AI score0.01392EPSS
Exploits0References4
CVE
CVE
added 2016/01/01 12:0 a.m.49 views

CVE-2015-7441

IBM’s advisory (Security Bulletin and accompanying IBM pages) confirms CVE-2015-7441 affects WebSphere Process Server and BPM Advanced via the Remote Artifact Loader (RAL), where HTTPS/SSL is not honored per server configuration, allowing remote authenticated users to obtain sensitive information...

6.8CVSS6.1AI score0.01392EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder