Grinder - System to Automate the Fuzzing of Web Browsers

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information such as call stacks with symbol information as well as logging information which can be used...

CVE-2015-0388

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417...

CVE-2015-0369

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI...

CVE-2014-6573

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

Code injection

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

CVE-2014-6573

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

CVE-2014-6573

CVE-2014-6573 affects Oracle Enterprise Manager Grid Control’s Ops Center UI Framework in version 11.1.3 and 12.1.4. The vulnerability is described as an unspecified issue in the User Interface Framework that could allow remote attackers to impact integrity via unknown vectors. The NVD entry list...

Oracle Transportation Management Remote Vulnerability (CNVD-2015-00482)

Oracle Transportation Manager is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'UI Infrastructure' subcomponent...

Multiple Command Execution Vulnerabilities in AlienVault OSSIM and USM

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM and USM web UI allows users to automate the deployment of OSSEC agents to windows hosts, Failure to filter correctly when providing usernames and passwords can...

Cisco Unified Communications Domain Manager XSS Vulnerability

A vulnerability in the web framework of the Cisco Unified Communications Domain Manager application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web interface on an affected system. The vulnerability is due to imprope...

Cisco Unified Communications Domain Manager Blind Command Injection Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Domain Manager Application Software version 8 could allow an authenticated, remote attacker to inject commands that can be executed by the underlying operating system with the privileges of the web server process. The...

KLA10611 Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...

[SECURITY] Fedora 21 Update: libreoffice-4.3.4.1-8.fc21

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

DEBIAN-CVE-2014-7850

Cross-site scripting XSS vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation...

CVE-2014-7850

Cross-site scripting XSS vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation...

UBUNTU-CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

[SECURITY] Fedora 20 Update: tnftp-20141031-1.fc20

tnftp is the FTP File Transfer Protocol client from NetBSD. FTP is a wid ely used protocol for transferring files over the Internet and for archiving fi les. tnftp provides some advanced features beyond the Linux netkit ftp client, b ut maintains a similar user interface to the traditional ftp...

CVE-2014-2335

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...

CVE-2014-2336

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335...

CVE-2014-2335

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...