Lucene search

5612 matches found

CVE
added 2013/10/16 3:0 p.m., 51 views

CVE-2013-3836

CVE-2013-3836 affects Oracle Web Cache (Oracle Fusion Middleware 11.1.1.6/11.1.1.7). The vulnerability’s root cause is related to ESI/Partial Page Caching, allowing remote authenticated users to impact confidentiality. The connected documents confirm the affected product and vector but do not pro...

CVSS 3.5 | AI score 5.2 | EPSS 0.00871
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2013/10/09 12:0 a.m., 185 views

Synology DSM multiple vulnerabilities

Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manager DSM it's a Linux based operating system, use...

Exploits: 0

Tenable Nessus
added 2013/09/26 12:0 a.m., 22 views

BlackBerry < 6.0.0 Browser Partial DoS

Binary data blackberry600check.nbin...

CVSS 4.3 | AI score 7.3 | EPSS 0.01681
Exploits: 0 | References: 3

0day.today
added 2013/09/12 12:0 a.m., 43 views

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Exploit for linux platform in category web applications Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: email protected Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manag...

AI score 7.1
Exploits: 0

Exploit DB
added 2013/09/12 12:0 a.m., 35 views

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manager DSM it's a Linux based operating system, use...

AI score 7
Exploits: 0

exploitpack
added 2013/09/12 12:0 a.m., 22 views

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Synology DiskStation Manager DSM 4.3-3776 - Multiple Vulnerabilities Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched...

Exploits: 0

OSV
added 2013/08/28 9:55 p.m., 2 views

DEBIAN-CVE-2013-2076

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged t...

CVSS 4.3 | AI score 6.3 | EPSS 0.00496
Exploits: 0 | References: 1

Spring Security Advisories
added 2013/08/22 12:0 a.m., 6 views

XML External Entity (XXE) injection in Spring Framework

It was identified that Spring MVC processed user provided XML with JAXB in combination with a StAX XMLInputFactory without disabling external entity resolution. External entity resolution has been disabled in this case. It was subsequently discovered that this fix was incomplete CVE-2013-6429,...

CVSS 6.8 | AI score 8.1 | EPSS 0.03438
Exploits: 1 | References: 1

NVD
added 2013/07/10 3:46 a.m., 33 views

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework...

CVSS 9.3 | AI score 7.4 | EPSS 0.206
Exploits: 0 | References: 3

Prion
added 2013/07/10 3:46 a.m., 16 views

Design/Logic Flaw

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework...

CVSS 9.3 | AI score 8 | EPSS 0.206
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2013/07/10 1:0 a.m., 34 views

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework...

AI score 7.3 | EPSS 0.206
Exploits: 0 | References: 3

Tenable Nessus
added 2013/04/20 12:0 a.m., 35 views

Mandriva Linux Security Advisory : gimp (MDVSA-2013:082)

Updated gimp packages fix security vulnerabilities : An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially crafted GIF image file that, when opened, could cause the GIF plug-in to crash or,...

CVSS 7.5 | AI score 6.4 | EPSS 0.10748
Exploits: 6 | References: 4

Tenable Nessus
added 2013/02/18 12:0 a.m., 23 views

Solaris 10 (x86) : 148028-03 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: RBAC Configuration. Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components...

CVSS 5.9 | AI score 6.2 | EPSS 0.0037
Exploits: 0 | References: 3

Tenable Nessus
added 2013/01/18 12:0 a.m., 38 views

Windows OS Partial Product Key (WMI)

Binary data wmiwindowspartialproductkey.nbin...

AI score 7.3
Exploits: 0

NVD
added 2012/11/30 7:55 p.m., 17 views

CVE-2012-5568

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris...

CVSS 5 | AI score 7.2 | EPSS 0.09588
Exploits: 2 | References: 10

exploitpack
added 2012/04/24 12:0 a.m., 35 views

Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025)

Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025) .NET Framework EncoderParameter integer overflow vulnerability Yorick Koster,...

AI score 0.6
Exploits: 0

Tenable Nessus
added 2012/04/09 12:0 a.m., 82 views

Solaris 10 (sparc) : 147673-11 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Oracle Java Web Console. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...

CVSS 5.3 | AI score 4.8 | EPSS 0.02321
Exploits: 0 | References: 4

OpenVAS
added 2012/03/07 12:0 a.m., 12 views

Mandriva Update for rpm-mandriva-setup MDVA-2012:024 (rpm-mandriva-setup)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

AI score 5.3
Exploits: 0 | References: 2

securityvulns
added 2012/01/21 12:0 a.m., 56 views

Multiple Cross-Site-Scripting vulnerabilities in x3cms

Advisory: Multiple Cross-Site-Scripting vulnerabilities in x3cms Advisory ID: INFOSERVE-ADV2011-04 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on x3cms 0.4.3 other versions may also be affected Vendor URL: http://www.x3cms.net/ Vendor Status: Parti...

AI score 1
Exploits: 0

OSV
added 2012/01/06 1:55 a.m., 10 views

CVE-2012-0390

The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related...

AI score 7.8
Exploits: 0 | References: 3