638 matches found
rhevm: spice service unquoted search path
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization RHEV 3.2, allows local users to gain privileges via a crafted application in an unspecified folder...
CVE-2013-3240
creationtimestamp| type| source ---|---|--- 2013-04-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/25003...
rubygem-actionpack: XSS Vulnerability in strip_tags
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...
PT-2012-1394 · Virusbuster · Virusbuster Internet Security Suite
Name of the Vulnerable Software and Affected Versions: VirusBuster Internet Security Suite version 3.2 Description: A race condition issue allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by...
kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
The igmpheardquery function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service divide-by-zero error and panic via IGMP packets...
PT-2012-3148 · Dolibarr · Dolibarr Cms
Name of the Vulnerable Software and Affected Versions: Dolibarr CMS versions 3.2.0 Alpha and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the memberslist parameter in list.php or the rowid parameter in...
Python: Memory corruption in audioop module
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service memory corruption and application crash via crafted arguments, as demonstrated by a call to...
PT-2011-1643 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions prior to 8.32 Description: The issue is related to an unspecified vulnerability in the SIP inspection feature, which allows remote attackers to cause a denial of service by...
PT-2011-1647 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions prior to 8.32 Description: The issue allows remote attackers to cause a denial of service, resulting in a device crash. This can be achieved by establishing a large number of...
PT-2010-4084 · Php +1 · Php +1
Name of the Vulnerable Software and Affected Versions: PHP versions 5.2.0 through 5.2.13 PHP versions 5.3.0 through 5.3.2 Description: The issue allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion, due to the...
Acroread: Multiple code execution flaws (APSB10-09)
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service memory corruption or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204...
Acroread: Multiple code execution flaws (APSB10-09)
Cross-site scripting XSS vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-3241
creationtimestamp| type| source ---|---|--- 2009-09-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33222...
CVE-2008-3234
creationtimestamp| type| source ---|---|--- 2008-07-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6094...
CVE-2008-3213
creationtimestamp| type| source ---|---|--- 2008-07-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6056...
CVE-2008-2835
SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter...
2021-05 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 (KB5003254)
2021-05 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 KB5003254...
2026-04 Cumulative Update for Windows 11 Version 23H2 for arm64-based Systems (KB5082052)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...