Lucene search
+L

3062 matches found

Prion
Prion
added 2009/11/05 4:30 p.m.20 views

Code injection

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970...

9.3CVSS6.7AI score0.04262EPSS
Exploits1References24Affected Software3
Cvelist
Cvelist
added 2009/11/05 4:0 p.m.36 views

CVE-2009-3868

Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970...

6.3AI score0.04262EPSS
Exploits1References24
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.7 views

SLES9: Security update for subdomain-parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: subdomain-utils yast2-subdomain subdomain-parser-common subdomain-profiles subdomain-parser More details may also be found by searching for keyword 5010007...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.8 views

SLES9: Security update for subdomain-parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: yast2-subdomain subdomain-utils subdomain-parser subdomain-profiles subdomain-parser-common More details may also be found by searching for keyword 5014564...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.15 views

SLES9: Security update for subdomain-parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: subdomain-utils yast2-subdomain subdomain-parser-common subdomain-profiles subdomain-parser More details may also be found by searching for keyword 5010007...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.5 views

SLES9: Security update for subdomain-parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: yast2-subdomain subdomain-utils subdomain-parser subdomain-profiles subdomain-parser-common More details may also be found by searching for keyword 5014564...

7.5AI score
Exploits0References1
NVD
NVD
added 2009/09/24 6:30 p.m.23 views

CVE-2009-3390

Multiple unspecified vulnerabilities in the 1 iscsiadm and 2 iscsitadm programs in Sun Solaris 10, and OpenSolaris snv28 through snv109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library...

7.2CVSS6.8AI score0.00422EPSS
Exploits0References2
NVD
NVD
added 2009/09/14 2:30 p.m.16 views

CVE-2008-7221

Cross-site request forgery CSRF vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that 1 add new administrators or 2 modify user profiles via a crafted request to system/admin.php...

6.8CVSS7AI score0.0062EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/09/14 2:0 p.m.24 views

CVE-2008-7221

Cross-site request forgery CSRF vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that 1 add new administrators or 2 modify user profiles via a crafted request to system/admin.php...

7AI score0.0062EPSS
Exploits0References2
CVE
CVE
added 2009/09/14 2:0 p.m.47 views

CVE-2008-7221

RunCMS 1.6.1 is affected by a CSRF vulnerability that lets remote attackers hijack administrator sessions by sending crafted requests to system/admin.php, enabling (1) addition of new administrators or (2) modification of user profiles. The vulnerability is triggered through authenticated admin a...

6.8CVSS7.2AI score0.0062EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2009/09/09 5:0 p.m.42 views

CVE-2008-7188

CVE-2008-7188 affects ClipShare 2.6, where an attacker can bypass access restrictions by altering a uid parameter in siteadmin/useredit.php to modify arbitrary user profiles. This can be combined with using the manipulated email to trigger recoverpass.php, potentially recovering a user’s password...

7.5CVSS7.1AI score0.023EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.35 views

Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)

The remote host is missing an update to java-1.6.0-openjdk announced via advisory MDVSA-2009:162. OpenVAS Vulnerability Test $Id: mdksa2009162.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:162 java-1.6.0-openjdk Authors: Thomas Reinke Copyright:...

10CVSS1.9AI score0.12692EPSS
Exploits5
Prion
Prion
added 2009/06/19 4:30 p.m.20 views

Design/Logic Flaw

The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the...

2.1CVSS6.7AI score0.00356EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2009/06/19 4:0 p.m.28 views

CVE-2009-1679

The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the...

6.2AI score0.00356EPSS
Exploits0References7
CVE
CVE
added 2009/06/19 4:0 p.m.56 views

CVE-2009-1679

The CVE covers Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1. The Profiles component, when installing a configuration profile, can replace ActiveSync’s password policy with a weaker one, allowing physically proximate attackers to bypass the policy. Impact: bypass of password po...

2.1CVSS6.3AI score0.00356EPSS
Exploits0References7Affected Software1
Cent OS
Cent OS
added 2009/04/20 10:16 a.m.57 views

ghostscript security update

CentOS Errata and Security Advisory CESA-2009:0421 Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ghostscript is a set of software...

9.3CVSS6.2AI score0.07365EPSS
Exploits3References7
securityvulns
securityvulns
added 2009/04/20 12:0 a.m.64 views

[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200904-19 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

9.3CVSS7.9AI score0.05534EPSS
Exploits4
Gentoo Linux
Gentoo Linux
added 2009/04/19 12:0 a.m.34 views

LittleCMS: Multiple vulnerabilities

Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP and Firefox. Description RedHat reported a null-pointer dereference flaw while processing monochrome ICC profiles CVE-2009-0793. Chris Evans of Google...

9.3CVSS8.3AI score0.05534EPSS
Exploits4
Fedora
Fedora
added 2009/04/17 6:2 p.m.39 views

[SECURITY] Fedora 9 Update: argyllcms-1.0.3-5.fc9

The Argyll color management system supports accurate ICC profile creation f or scanners, CMYK printers, film recorders and calibration and profiling of displays. Spectral sample data is supported, allowing a selection of illuminants obse rver types, and paper fluorescent whitener additive...

9.3CVSS1.6AI score0.04708EPSS
Exploits1
exploitpack
exploitpack
added 2009/04/15 12:0 a.m.25 views

Job2C 4.2 - profile Arbitrary File Upload

Job2C 4.2 - profile Arbitrary File Upload || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

0.4AI score
Exploits0
Rows per page
Query Builder