763 matches found
CVE-2015-0386
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191...
Facebook HipHop Virtual Machine Information Disclosure Vulnerability
Facebook HipHop Virtual Machine is a HipHop virtual machine developed by Facebook Inc. that significantly improves PHP performance for loading dynamic pages. An information disclosure vulnerability exists in versions of Facebook HipHop Virtual Machine prior to 3.3.0, which allows remote attackers...
Important: Red Hat Security Advisory: openstack-keystone security update
Updated openstack-keystone packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...
PT-2014-2216 · Iproute2 · Iproute2
Name of the Vulnerable Software and Affected Versions: iproute2 versions prior to 3.3.0 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by certain scripts. This can be exploited through the configure script or the...
rubygem-actionpack: XSS Vulnerability in strip_tags
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...
Teiid: JDBC socket does not encrypt client login messages by default
The Teiid Java Database Connectivity JDBC socket, as used in JBoss Enterprise Data Services Platform before 5.3.0, does not encrypt login messages by default contrary to documentation and specification, which allows remote attackers to obtain login credentials via a man-in-the-middle MITM attack...
(CGIHTTPServer): CGI script source code disclosure
The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / slash character at the beginning of the URI...
3.0.3): Arbitrary Java code execution via an HTTP request containing a specially-crafted .jar file
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs0=jar: followed by a URL of a crafted .jar file...
Firefox crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
Firefox crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
Firefox crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
AZL-7422 CVE-2008-2149 affecting package wordnet for versions less than 3.0-38
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...
DEBIAN-CVE-2008-2149
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end...
PT-2006-4479 · Flexwatch · Flexwatch Network Camera
Name of the Vulnerable Software and Affected Versions: FlexWATCH Network Camera versions 3.0 and earlier Description: A directory traversal issue allows remote attackers to bypass access restrictions for sensitive pages, such as "admin/aindex.asp" or "admin/aindex.html", by using a ".." dot dot a...
PT-2005-2722 · Ezdwc · Ezdwc Newsletterez
Name of the Vulnerable Software and Affected Versions: ezdwc NewsletterEz version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the password parameter in the "login.asp" file. Recommendations: For ezdwc NewsletterEz version 3.0, conside...
2024-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5046546)
2024-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5046546...
2024-08 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 for x64 (KB5042357)
2024-08 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 for x64 KB5042357...
Microsoft .NET Framework 3.0: x86 (KB928416)
Microsoft .NET Framework 3.0: x86 KB928416...
2022-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 (KB5015730)
2022-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 for ARM64 KB5015730...
July, 2017 Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 for x64 (KB4032116)
July, 2017 Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 on Windows Server 2008 SP2 for x64 KB4032116...