72 matches found
Oracle MySQL Multiple Unspecified vulnerabilities-05 (Apr 2015) - Windows
Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 (Feb 2015) - Linux
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
openSIS 5.3 Cross Site Request Forgery
openSIS 4.5 - 5.3 Cross Site Request Forgery Vulnerability Author: Ubani Anthony Balogun Reported: June 26, 2014 Product Description: openSIS is a free student...
Oracle Database Multiple Vulnerabilities (April 2013 CPU)
The remote Oracle database server is missing the April 2013 Critical Patch Update (CPU) and is, therefore, potentially affected by security issues in the following components: - Workload Manager - Network Layer #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc');...
CentOS Update for ruby CESA-2013:0129 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...
mysql security update
CentOS Errata and Security Advisory CESA-2012:1462 Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base...
Fraudulent Digital Certificates Spoofing Vulnerability (2607712)
Microsoft Windows operating system is prone to a spoofing vulnerability. This VT has been superseded by KB2641690 which is addressed in the VT SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
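Microsoft Internet Explorer Drag-and-Drop Uninitialized Memory Remote Code Execution Vulnerability
Bugtraq ID: 48204 CVE ID: CVE-2011-1254 Microsoft Internet Explorer is a web browser developed by Microsoft. Internet Explorer has a use-after-free error when handling drag-and-drop events on certain content. An attacker can build a malicious web page and lure a user into loading it, corrupting memory; successful exploitation allows arbitrary code execution in the context of the application. Microsoft Internet Explorer 8 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6....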
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit (JDK) and the Java Runtime Environment (JRE). The JRE provides the minimum requirements fo...
Exploit Code Published for Latest IE Zero-Day
Using obvious clues from a McAfee blog post, an Israeli hacker was able to pinpoint the latest Internet Explorer zero-day vulnerability and create working exploit code. The exploit code, which provides a clear roadmap to launch drive-by download attacks against IE 6 and IE 7 users, is being fitte...
ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure
ChartDirector 5.0.1 - cacheId Arbitrary File Disclosure Advisory No.: ISNSC-0910 ChartDirector Critical File Access Information Author: DokFLeed Program Affected: http://www.chartdir.com for .NET Version: 5.0.1 Severity:...
Oracle XDB component PITRIG_DROPMETADATA buffer overflow
Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIG_DROPMETADATA function is included in the XDB.XDB_PITRIG_PKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIG_DROPMETADATA function allows remote, authenticated...
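Invensys Wonderware InTouch Default Universal NetDDE Share Privilege Escalation Vulnerability
Vulnerability Note VU138633 Invensys Wonderware InTouch creates insecure NetDDE share Invensys Wonderware InTouch is an application used in automated monitoring systems for production processes. The default permissions that Invensys Wonderware InTouch sets on its NetDDE share are flawed, and a local attacker can exploit the vulnerability to escalate privileges. Dynamic Data Exchange (DDE) is designed to allow Microsoft Windows applications to share data. NetDDE is a DDE extension developed by Wonderware. InTouch...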
SUSE-SA:2006:037: freetype2, freetype2-devel
The remote host is missing the patch for the advisory SUSE-SA:2006:037 freetype2, freetype2-devel. The freetype2 library renders TrueType fonts for open source projects. More than 900 packages on SUSE Linux use this library. Therefore the integer overflows in this code found by Josh Bressers and...
SUSE-SA:2005:006: squid
The remote host is missing the patch for the advisory SUSE-SA:2005:006 squid. Squid is a feature-rich web-proxy with support for various web-related protocols. The last two squid updates from February the 1st and 10th fix several vulnerabilities. The impact of them range from remote...
SUSE-SA:2004:029: zlib
The remote host is missing the patch for the advisory SUSE-SA:2004:029 zlib. zlib is a widely used data compression library. Programs linked against it include most desktop applications as well as servers such as Apache and OpenSSH. The 'inflate' function of zlib handles certain input data...
Sun Solaris Volume Manager (SVM) fails to properly handle malformed probe requests
Overview There is a vulnerability in the Sun Solaris Volume Manager SVM that could allow a local user to cause a denial-of-service condition. Description The Sun Volume Manager is a component of the Solaris operating system and provides disk and storage management. There is a vulnerability in the...
SUSE-SA:2002:038: postgresql
The remote host is missing the patch for the advisory SUSE-SA:2002:038 postgresql. The PostgreSQL Object-Relational DBMS was found vulnerable to several security related buffer overflow problems. The buffer overflows are located in: handling long datetime input lpad and rpad function with multiby...
SuSE-SA:2003:050: rsync
The remote host is missing the patch for the advisory SuSE-SA:2003:050 rsync. The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill his tasks. I...
SUSE-SA:2003:001: fetchmail
The remote host is missing the patch for the advisory SUSE-SA:2003:001 fetchmail. fetchmail is used to download emails from POP-, IMAP-, ETRN- or ODMR- servers. Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise. When...