CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft KB•added 2017/06/13 7:0 a.m.•54 views

Description of the security update for Office 2013: June 13, 2017

Description of the security update for Office 2013: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

9.3CVSS8.8AI score0.22127EPSS

RedHat Linux•added 2017/05/09 4:41 p.m.•2 views

OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)

A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...

5.9CVSS7.2AI score0.03937EPSS

Exploits0References5

Citrix•added 2017/05/03 12:0 a.m.•10 views

How to disable the prompt "Authentication is required to set the network proxy used for downloading"

After logon to Linux VDA ICA session,you will receive a prompt "Authentication is required to set the network proxy used for downloading" as below, which would annoy users...

7AI score

OSV•added 2017/02/20 8:59 a.m.•1 views

CVE-2016-7579

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "CFNetwork Proxies" component, which allows man-in-the-middle attackers to spoof a proxy password authentication requirement and...

5.9CVSS5.8AI score0.01838EPSS

Exploits0References5

ATTACKERKB•added 2017/02/20 8:59 a.m.•2 views

CVE-2016-7579

5.9CVSS5.6AI score0.01838EPSS

Tenable Nessus•added 2017/02/07 12:0 a.m.•50 views

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. CVE-2016-558...

Tenable Nessus•added 2017/01/16 12:0 a.m.•49 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20170113)

Security Fixes : - It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox...

RedHat Linux•added 2017/01/13 12:0 a.m.•83 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

9.6CVSS6.6AI score0.05437EPSS

RedHat Linux•added 2017/01/13 12:0 a.m.•3 views

OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)

5.9CVSS7.2AI score0.03937EPSS

Exploits0References5

OpenVAS•added 2017/01/13 12:0 a.m.•23 views

CentOS Update for java CESA-2017:0061 centos7

Check the version of java SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882632";...

9.6CVSS6.3AI score0.05437EPSS

Exploits0References2

Tenable Nessus•added 2017/01/13 12:0 a.m.•62 views

CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2017:0061)

Cent OS•added 2017/01/12 3:48 p.m.•93 views

Exploits0References8

java security update

CentOS Errata and Security Advisory CESA-2017:0061 An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

9.6CVSS6.6AI score0.05437EPSS

Exploits0References7

OSV•added 2016/12/12 9:59 p.m.•6 views

UBUNTU-CVE-2016-9938

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chansip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...

5.3CVSS6AI score0.03429EPSS

Exploits0References4

Ubuntu•added 2016/12/08 12:30 a.m.•109 views

USN-3154-1: OpenJDK 6 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS7.2AI score0.05437EPSS

Tenable Nessus•added 2016/12/08 12:0 a.m.•50 views

Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3154-1)

9.6CVSS7.1AI score0.05437EPSS

Tenable Nessus•added 2016/11/21 12:0 a.m.•257 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-771)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm. CVE-2016-5542 A flaw was found in the way the JMX...

Tenable Nessus•added 2016/11/18 12:0 a.m.•46 views

Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3130-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3130-1 advisory. It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without...

9.6CVSS7.3AI score0.05437EPSS

OSV•added 2016/11/17 10:29 p.m.•4 views

USN-3130-1 openjdk-7 vulnerabilities

9.6CVSS6.8AI score0.05437EPSS