8185 matches found
Mac OS X : Apple Safari < 6.2.4 / 7.1.4 / 8.0.4 Multiple Vulnerabilities
The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.4 / 7.1.4 / 8.0.4. It is, therefore, affected by multiple memory corruption vulnerabilities in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted website, can exploi...
KLA10591 Code injection in Microsoft Exchange Server
Multiple XSS vulnerabilities were found in Microsoft Exchange Server. By exploiting these vulnerabilities malicious users can inject arbitrary web script or spoof user interface. These vulnerabilities can be exploited remotely via a specially designed URL, msgParam or other unknown vectors...
Untangle NGFW 9 / 10 / 11 XSS / Code Execution
Multiple issues have been discovered in the Untangle NGFW virtual appliance. The vendor was unresponsive and uncooperative to the researcher. - Persistent XSS leading to root Authentication requiredConfirmed in versions 9 and 11 up to rev r39357 Throughout the Untangle user interface there are...
jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
RHEL 7 : GNOME Shell (RHSA-2015:0535)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0535 advisory. GNOME Shell and the packages it depends upon provide the core user interface of the Red Hat Enterprise Linux desktop, including functions such as...
KLA10484 Interface spoofing vulnerability in McAfee Agent
An unspecified vulnerability was found in McAfee Agent. By exploiting this vulnerability malicious users conduct clicjacking attack. This vulnerability can be exploited remotely via a specially designed web page. Original advisories McAfee bulletin Related products McAfee-Agent CVE list...
Google Chrome UI Out-of-Bounds Read Vulnerability
Google Chrome is a simple and efficiently designed web browsing tool developed by Google. An out-of-bounds read vulnerability exists in Google Chrome UI, which can be exploited by attackers to construct a malicious web page and trick users into parsing it, which can crash the application...
Unspecified Vulnerability in Oracle Siebel UI Framework Component (CNVD-2015-00687)
Oracle Siebel is a customer relationship management software. A security vulnerability exists in the Portal Framework subcomponent of the Oracle Siebel UI Framework component, which allows remote attackers to exploit the vulnerability to compromise system confidentiality...
Unspecified Vulnerability in Oracle Enterprise Manager Ops Center User Interface Framework Subpart
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. A security vulnerability in the Oracle Enterprise Manager Ops Center User Interface Framework child allows remote attackers to exploit the vulnerability to compromise system integrity...
Unspecified Vulnerability in Oracle Siebel UI Framework Component (CNVD-2015-00683)
Oracle Siebel is a customer relationship management software. A security vulnerability exists in the Portal Framework subcomponent of the Oracle Siebel UI Framework component, which allows remote attackers to exploit the vulnerability to compromise system confidentiality...
Unspecified Vulnerability in Oracle Siebel UI Framework Component (CNVD-2015-00685)
Oracle Siebel is a customer relationship management software. A security vulnerability in the Oracle Siebel UI Framework component, AX/HI Web UI child, allows remote attackers to exploit the vulnerability to compromise system integrity...
Grinder - System to Automate the Fuzzing of Web Browsers
Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information such as call stacks with symbol information as well as logging information which can be used...
CVE-2015-0388
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417...
CVE-2015-0369
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI...
CVE-2014-6573
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...
Code injection
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...
CVE-2014-6573
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...
CVE-2014-6573
CVE-2014-6573 affects Oracle Enterprise Manager Grid Control’s Ops Center UI Framework in version 11.1.3 and 12.1.4. The vulnerability is described as an unspecified issue in the User Interface Framework that could allow remote attackers to impact integrity via unknown vectors. The NVD entry list...
Oracle Transportation Management Remote Vulnerability (CNVD-2015-00482)
Oracle Transportation Manager is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'UI Infrastructure' subcomponent...
Multiple Command Execution Vulnerabilities in AlienVault OSSIM and USM
AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM and USM web UI allows users to automate the deployment of OSSEC agents to windows hosts, Failure to filter correctly when providing usernames and passwords can...