CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8198 matches found

OpenVAS•added 2011/06/15 12:0 a.m.•38 views

Internet Explorer Vector Markup Language Remote Code Execution Vulnerability (2544521)

This host is missing a critical security update according to Microsoft Bulletin MS11-052. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.17977EPSS

Exploits1References3

Tenable Nessus•added 2011/06/15 12:0 a.m.•41 views

MS11-052: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

The remote host is missing Internet Explorer IE Security Update 2497640. The installed version of IE is affected by a vulnerability in the implementation of the Vector Markup Language VML that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc...

9.3CVSS6.2AI score0.17977EPSS

Exploits1References3

Vulnerability Lab•added 2011/06/12 12:0 a.m.•20 views

Parallels Plesk v9.0.2b - Cross Site Scripting Vulnerability

Document Title: =============== Parallels Plesk v9.0.2b - Cross Site Scripting Vulnerability Release Date: ============= 2011-06-12 Vulnerability Laboratory ID VL-ID: ==================================== 153 Product & Service Introduction: =============================== Parallels Plesk Panel ist...

0.1AI score

Exploits0

Exploit DB•added 2011/05/24 12:0 a.m.•20 views

Gadu-Gadu Instant Messenger 6.0 - File Transfer Cross-Site Scripting

source: https://www.securityfocus.com/bid/47957/info Gadu-Gadu Instant Messenger is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

7.4AI score

Exploits0

exploitpack•added 2011/05/20 12:0 a.m.•76 views

PHP Captcha Securimage 2.0.2 - Authentication Bypass

PHP Captcha Securimage 2.0.2 - Authentication Bypass Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact...

0.3AI score

Exploits0

The Hacker News•added 2011/05/03 12:17 a.m.•12 views

USB Immunizer : Anti-Malware Tool Against Autorun Viruses

USB Immunizer : Anti-Malware Tool Against Autorun Viruses The USB immunizer is BitDefender's response to this growing issue. Autorun-based malware has been atop of the worldwide e-threat landscape, with notorious representatives such as Trojan.AutorunInf, the Conficker worm Win32.Worm.Downadup or...

6.7AI score

Exploits0

CVE•added 2011/04/10 1:29 a.m.•42 views

CVE-2011-1680

CVE-2011-1680 concerns ncpmount in ncpfs 2.2.6 and earlier, where the /etc/mtab~ lock file is not removed after a failed attempt to add a mount entry. The entry notes unspecified impact and local attack vectors. Connected sources also indicate this issue is addressed alongside related CVEs (CVE-2...

4.4CVSS6.1AI score0.00474EPSS

Exploits1References18Affected Software1

securityvulns•added 2011/04/04 12:0 a.m.•120 views

AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability

AR Web Content Manager AWCM v2.2 Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1012 21/03/2011 Issue Discovered 24/03/2011 Vendor Notified 24/03/2011 Vendor Responded 25/03/2011 Vendor Solution Class: Cross-Site Scripting Severity: Medium...

0.3AI score

Exploits0

OSV•added 2011/03/11 2:1 a.m.•2 views

UBUNTU-CVE-2011-1203

Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

7.5CVSS7.3AI score0.01851EPSS

Exploits1References2

securityvulns•added 2011/03/09 12:0 a.m.•52 views

InSite Troubleshooting Cross-Site Scripting

Class Input Validation Error CVE Remote Yes Local No Published Feb 14 2011 08:55AM Credit Dionach Vulnerable Kodak InSite 5.5.2 Kodak InSite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execut...

0.3AI score

Exploits0

exploitpack•added 2011/03/03 12:0 a.m.•18 views

Support Incident Tracker (SiT!) 3.62 - Multiple Cross-Site Scripting Vulnerabilities

Support Incident Tracker SiT! 3.62 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/46671/info Support Incident Tracker SiT! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker ma...

7AI score

Exploits0

CVE•added 2011/03/02 7:0 p.m.•93 views

CVE-2011-0055

CVE-2011-0055 is a use-after-free in JSON.stringify in js3250.dll affecting Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12. The issue is related to the js_HasOwnProperty handling and garbage collection; exploitation details are not specified in the provided doc...

10CVSS9.4AI score0.072EPSS

Exploits0References9Affected Software1

CVE•added 2011/02/18 6:0 p.m.•60 views

CVE-2010-4744

CVE-2010-4744 concerns abcm2ps and is described in multiple sources (GLSA 201111-12, OpenVAS entries) as one of several vulnerabilities affecting the package. The Gentoo GLSA states users should upgrade to abcm2ps-5.9.13 or newer to mitigate the issues; Fedora/OSS advisories reference the same CV...

10CVSS6.6AI score0.02583EPSS

Exploits0References7Affected Software1

UbuntuCve•added 2011/02/17 12:0 a.m.•28 views

CVE-2010-4450

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.229 and earlier for Solaris and Linux allows local standalone applications to affect...

3.7CVSS5.9AI score0.00411EPSS

Exploits0References5

RedHat Linux•added 2011/01/25 5:6 p.m.•1 views

WebKit: multiple vulnerabilities in WebKitGTK

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a use element in an SVG document...

9.3CVSS6.2AI score0.05961EPSS

Exploits0References4

OpenVAS•added 2011/01/21 12:0 a.m.•23 views

Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.8CVSS0.02533EPSS

Exploits0References2

RedHat Linux•added 2011/01/13 10:55 a.m.•3 views

python: untrusted python modules search path

Untrusted search path vulnerability in the PySysSetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv0 argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse...

6.9CVSS6.1AI score0.0051EPSS

Exploits1References4

OpenVAS•added 2011/01/11 12:0 a.m.•9 views

Fedora Update for libwmf FEDORA-2010-19033

Check for the Version of libwmf OpenVAS Vulnerability Test Fedora Update for libwmf FEDORA-2010-19033 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

0.3AI score

Exploits0References2