Lucene search
K

5614 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.23 views

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

6.8CVSS5.8AI score0.11082EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.29 views

openSUSE Security Update : gdk-pixbuf-loader-rsvg (openSUSE-SU-2011:1090-1)

Specially crafted SVG files could make librsvg dereference a function pointer which potentially allows to execute arbitrary code CVE-2011-3146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS8.5AI score0.04418EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.24 views

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

6.8CVSS5.8AI score0.11082EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0897-1)

update to 1.3.2 bnc815596 - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin is...

6.8CVSS5.3AI score0.04323EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.20 views

openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0715-1)

update to 1.3.2 bnc815596 - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin is...

6.8CVSS5.4AI score0.04323EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.3 views

OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)

Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

10CVSS6.8AI score0.0722EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.9 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

7.5CVSS6.8AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

7.5CVSS6.8AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:34 p.m.3 views

OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)

Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

10CVSS7AI score0.0722EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:34 p.m.1 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:34 p.m.4 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:34 p.m.1 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:13 p.m.5 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:13 p.m.3 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:13 p.m.7 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...

7.5CVSS7.1AI score0.04936EPSS
Exploits0References5
Veracode
Veracode
added 2014/06/06 6:13 p.m.43 views

Class Loader Manipulation With CookieInterceptor

Struts 2 Core is vulnerable to class loader manipulation vulnerability. The vulnerability exists because the getClass method does not properly restrict access to cookies as it accepts all cookie names when "\" is used to configure cookiesName parameter which allows remote attackers to manipulate...

7.5CVSS8.8AI score0.99614EPSS
Exploits7References10Affected Software2
0day.today
0day.today
added 2014/06/05 12:0 a.m.44 views

VN Loader Authorization Bypass Vulnerability

VN Loader is botnet. Exploit is auth bypass with SQLi. SQLi can be used for more, but proof is auth bypass. Usage Info Change panelurl to url for bot panel. If disable actually connect, will not connect to panel, but only give you credentials. Credentials also in code comments. This is private...

7.2AI score
Exploits0
Prion
Prion
added 2014/05/31 11:17 a.m.32 views

Xxe

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to 1 read arbitrary files via a crafted web application that provides an XML external entity...

4.3CVSS7AI score0.07616EPSS
Exploits0References51Affected Software1
RedHat Linux
RedHat Linux
added 2014/05/15 5:28 p.m.5 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

7.5CVSS6.8AI score0.04936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/05/15 5:28 p.m.6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...

7.5CVSS6.8AI score0.04936EPSS
Exploits0References5
Rows per page
Query Builder